Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/drupal/drupal@8.0.0
Typecomposer
Namespacedrupal
Namedrupal
Version8.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.2.11
Latest_non_vulnerable_version11.0.8
Affected_by_vulnerabilities
0
url VCID-1922-fwnz-wkbt
vulnerability_id VCID-1922-fwnz-wkbt
summary 
Improper Privilege Management
When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. This issue only affects sites that have the RESTful Web Services (rest) module enabled, the comment entity REST resource enabled, and where an attacker can access a user account on the site with permissions to post comments, or where anonymous users can post comments.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6924
reference_id
reference_type
scores
0
value 0.00488
scoring_system epss
scoring_elements 0.65375
published_at 2026-04-01T12:55:00Z
1
value 0.00488
scoring_system epss
scoring_elements 0.65457
published_at 2026-04-13T12:55:00Z
2
value 0.00488
scoring_system epss
scoring_elements 0.65484
published_at 2026-04-12T12:55:00Z
3
value 0.00488
scoring_system epss
scoring_elements 0.65498
published_at 2026-04-11T12:55:00Z
4
value 0.00488
scoring_system epss
scoring_elements 0.65479
published_at 2026-04-09T12:55:00Z
5
value 0.00488
scoring_system epss
scoring_elements 0.65468
published_at 2026-04-08T12:55:00Z
6
value 0.00488
scoring_system epss
scoring_elements 0.65415
published_at 2026-04-07T12:55:00Z
7
value 0.00488
scoring_system epss
scoring_elements 0.65451
published_at 2026-04-04T12:55:00Z
8
value 0.00488
scoring_system epss
scoring_elements 0.65424
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6924
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6924.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6924.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6924.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6924.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6924
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6924
5
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
6
reference_url https://www.drupal.org/SA-CORE-2017-004
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-004
7
reference_url http://www.securityfocus.com/bid/100368
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/100368
8
reference_url http://www.securitytracker.com/id/1039200
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1039200
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
10
reference_url https://github.com/advisories/GHSA-p8g6-5mg7-9r5q
reference_id GHSA-p8g6-5mg7-9r5q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p8g6-5mg7-9r5q
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.0
purl pkg:composer/drupal/drupal@8.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5tqs-qmqn-gug5
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-8nda-kjr2-ufd4
11
vulnerability VCID-9f24-vqyt-r7dq
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-c9dm-17vt-4bbc
15
vulnerability VCID-cucx-jfqf-pkd1
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-g1rp-twzp-63e1
18
vulnerability VCID-ga35-289v-vqhr
19
vulnerability VCID-gzcu-sbks-wyfa
20
vulnerability VCID-hzr8-ttbu-ebhg
21
vulnerability VCID-jfq8-xxwa-mkd1
22
vulnerability VCID-jnu7-1j9c-dqck
23
vulnerability VCID-k1gx-nznx-7qd6
24
vulnerability VCID-kh51-g4cv-tqaw
25
vulnerability VCID-krhy-kg1b-rfbk
26
vulnerability VCID-mapb-hsvc-2khc
27
vulnerability VCID-n119-gta2-kfg1
28
vulnerability VCID-n7un-zgqv-jfef
29
vulnerability VCID-nc36-atc6-yua6
30
vulnerability VCID-nd8n-5dsu-2fbp
31
vulnerability VCID-pk74-yy1n-8qck
32
vulnerability VCID-r8pv-9upr-y7gd
33
vulnerability VCID-rhj7-dy7q-jkhw
34
vulnerability VCID-rr4q-f5cv-nkah
35
vulnerability VCID-s9kv-9qfu-gbdq
36
vulnerability VCID-t84c-8r34-57b9
37
vulnerability VCID-ty3y-k9t2-qyba
38
vulnerability VCID-u1xx-aazv-bkg5
39
vulnerability VCID-u4w3-usvb-jyf6
40
vulnerability VCID-uqcw-p8g2-cfd2
41
vulnerability VCID-utyg-huhu-2ucq
42
vulnerability VCID-vevm-4sfk-f7gq
43
vulnerability VCID-vq5y-hdw3-nucj
44
vulnerability VCID-w3q4-838v-97ck
45
vulnerability VCID-wbuz-qcp3-43aq
46
vulnerability VCID-wbvy-zrtk-audw
47
vulnerability VCID-ww44-hb2y-mfd5
48
vulnerability VCID-wwvq-399y-rfhc
49
vulnerability VCID-y74s-ghyc-2bhs
50
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.0
1
url pkg:composer/drupal/drupal@8.3.7
purl pkg:composer/drupal/drupal@8.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.7
aliases CVE-2017-6924, GHSA-p8g6-5mg7-9r5q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1922-fwnz-wkbt
1
url VCID-2ctt-zm9j-17bx
vulnerability_id VCID-2ctt-zm9j-17bx
summary 
Session data truncation can lead to unserialization of user provided data
Drupal might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3171
reference_id
reference_type
scores
0
value 0.08219
scoring_system epss
scoring_elements 0.92178
published_at 2026-04-01T12:55:00Z
1
value 0.08219
scoring_system epss
scoring_elements 0.92212
published_at 2026-04-13T12:55:00Z
2
value 0.08219
scoring_system epss
scoring_elements 0.92215
published_at 2026-04-12T12:55:00Z
3
value 0.08219
scoring_system epss
scoring_elements 0.92214
published_at 2026-04-11T12:55:00Z
4
value 0.08219
scoring_system epss
scoring_elements 0.92209
published_at 2026-04-09T12:55:00Z
5
value 0.08219
scoring_system epss
scoring_elements 0.92191
published_at 2026-04-04T12:55:00Z
6
value 0.08219
scoring_system epss
scoring_elements 0.92185
published_at 2026-04-02T12:55:00Z
7
value 0.08219
scoring_system epss
scoring_elements 0.92206
published_at 2026-04-08T12:55:00Z
8
value 0.08219
scoring_system epss
scoring_elements 0.92194
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3171
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3171.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3171.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3171.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3171.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3171
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3171
5
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
6
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
7
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
8
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
111
reference_url https://github.com/advisories/GHSA-69g8-g9jq-74v7
reference_id GHSA-69g8-g9jq-74v7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-69g8-g9jq-74v7
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3171, GHSA-69g8-g9jq-74v7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ctt-zm9j-17bx
2
url VCID-349d-w26k-mqfw
vulnerability_id VCID-349d-w26k-mqfw
summary 
Moderately critical - Third-party libraries - SA-CORE-2019-007
The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11831
reference_id
reference_type
scores
0
value 0.09656
scoring_system epss
scoring_elements 0.92901
published_at 2026-04-13T12:55:00Z
1
value 0.09656
scoring_system epss
scoring_elements 0.929
published_at 2026-04-12T12:55:00Z
2
value 0.09656
scoring_system epss
scoring_elements 0.92902
published_at 2026-04-11T12:55:00Z
3
value 0.09656
scoring_system epss
scoring_elements 0.92897
published_at 2026-04-09T12:55:00Z
4
value 0.10327
scoring_system epss
scoring_elements 0.93164
published_at 2026-04-02T12:55:00Z
5
value 0.10327
scoring_system epss
scoring_elements 0.93155
published_at 2026-04-01T12:55:00Z
6
value 0.10327
scoring_system epss
scoring_elements 0.93175
published_at 2026-04-08T12:55:00Z
7
value 0.10327
scoring_system epss
scoring_elements 0.93167
published_at 2026-04-07T12:55:00Z
8
value 0.10327
scoring_system epss
scoring_elements 0.93168
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11831
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11831
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-11831.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-11831.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-11831.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-11831.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/phar-stream-wrapper/CVE-2019-11831.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/phar-stream-wrapper/CVE-2019-11831.yaml
5
reference_url https://github.com/TYPO3/phar-stream-wrapper
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/phar-stream-wrapper
6
reference_url https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v2.1.1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v2.1.1
7
reference_url https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.1
8
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65ODQHDHWR74L6TCAPAQR5FQHG6MCXAW/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QDJVUJPUW3RZ4746SC6BX4F4T6ZXNBH/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUEXS4HRI4XZ2DTZMWAVQBYBTFSJ34AR/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E3NUKPG7V4QEM6QXRMHYR4ABFMW5MM2P/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JX7WR6DPMKCZQP7EYFACYXSGJ3K523/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z246UWBXBEKTQUDTLRJTC7XYBIO4IBE4/
33
reference_url https://seclists.org/bugtraq/2019/May/36
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/36
34
reference_url https://typo3.org/security/advisory/typo3-psa-2019-007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-psa-2019-007
35
reference_url https://typo3.org/security/advisory/typo3-psa-2019-007/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-psa-2019-007/
36
reference_url https://www.debian.org/security/2019/dsa-4445
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4445
37
reference_url https://www.drupal.org/sa-core-2019-007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-007
38
reference_url https://www.drupal.org/SA-CORE-2019-007
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2019-007
39
reference_url https://www.synology.com/security/advisory/Synology_SA_19_22
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_22
40
reference_url http://www.securityfocus.com/bid/108302
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/108302
41
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11831
reference_id CVE-2019-11831
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11831
42
reference_url https://github.com/advisories/GHSA-xv7v-rf6g-xwrc
reference_id GHSA-xv7v-rf6g-xwrc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xv7v-rf6g-xwrc
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.16
purl pkg:composer/drupal/drupal@8.6.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ck5-9e5b-w3ay
1
vulnerability VCID-6m8x-cfzp-tkf4
2
vulnerability VCID-bbzr-hbhv-yyee
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-jfq8-xxwa-mkd1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-kh51-g4cv-tqaw
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n119-gta2-kfg1
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-pk74-yy1n-8qck
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-ty3y-k9t2-qyba
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-uqcw-p8g2-cfd2
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-w3q4-838v-97ck
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
19
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.16
1
url pkg:composer/drupal/drupal@8.7.1
purl pkg:composer/drupal/drupal@8.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-nj3a-eb59-jygs
13
vulnerability VCID-pk74-yy1n-8qck
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-ty3y-k9t2-qyba
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-w3q4-838v-97ck
20
vulnerability VCID-wbuz-qcp3-43aq
21
vulnerability VCID-wbvy-zrtk-audw
22
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.1
aliases CVE-2019-11831, GHSA-xv7v-rf6g-xwrc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-349d-w26k-mqfw
3
url VCID-381m-cmnk-ykef
vulnerability_id VCID-381m-cmnk-ykef
summary 
Information Exposure
The Views module in Drupal and the Views module might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6212
reference_id
reference_type
scores
0
value 0.00537
scoring_system epss
scoring_elements 0.67474
published_at 2026-04-02T12:55:00Z
1
value 0.00537
scoring_system epss
scoring_elements 0.67515
published_at 2026-04-13T12:55:00Z
2
value 0.00537
scoring_system epss
scoring_elements 0.67548
published_at 2026-04-12T12:55:00Z
3
value 0.00537
scoring_system epss
scoring_elements 0.67561
published_at 2026-04-11T12:55:00Z
4
value 0.00537
scoring_system epss
scoring_elements 0.67539
published_at 2026-04-09T12:55:00Z
5
value 0.00537
scoring_system epss
scoring_elements 0.67525
published_at 2026-04-08T12:55:00Z
6
value 0.00537
scoring_system epss
scoring_elements 0.67473
published_at 2026-04-07T12:55:00Z
7
value 0.00537
scoring_system epss
scoring_elements 0.67495
published_at 2026-04-04T12:55:00Z
8
value 0.00537
scoring_system epss
scoring_elements 0.67438
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6212
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6212.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6212.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6212.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6212.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6212
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6212
5
reference_url https://www.drupal.org/node/2749333
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/node/2749333
6
reference_url https://www.drupal.org/SA-CORE-2016-002
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-002
7
reference_url http://www.openwall.com/lists/oss-security/2016/07/13/4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/07/13/4
8
reference_url http://www.openwall.com/lists/oss-security/2016/07/13/7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/07/13/7
9
reference_url http://www.securityfocus.com/bid/91230
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/91230
10
reference_url https://github.com/advisories/GHSA-rfxx-gxwc-923c
reference_id GHSA-rfxx-gxwc-923c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rfxx-gxwc-923c
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.0
purl pkg:composer/drupal/drupal@8.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-4wwt-vt76-dbe1
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5tqs-qmqn-gug5
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-8nda-kjr2-ufd4
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-c9dm-17vt-4bbc
17
vulnerability VCID-cucx-jfqf-pkd1
18
vulnerability VCID-d4qd-ut89-gbf4
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
59
vulnerability VCID-yty5-zn46-r3dj
60
vulnerability VCID-zvtp-4we3-qygx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.0
1
url pkg:composer/drupal/drupal@8.1.3
purl pkg:composer/drupal/drupal@8.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-4wwt-vt76-dbe1
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5tqs-qmqn-gug5
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-8nda-kjr2-ufd4
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-c9dm-17vt-4bbc
17
vulnerability VCID-cucx-jfqf-pkd1
18
vulnerability VCID-d4qd-ut89-gbf4
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
59
vulnerability VCID-yty5-zn46-r3dj
60
vulnerability VCID-zvtp-4we3-qygx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.3
aliases CVE-2016-6212, GHSA-rfxx-gxwc-923c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-381m-cmnk-ykef
4
url VCID-3fka-y25d-m7a3
vulnerability_id VCID-3fka-y25d-m7a3
summary 
Improper Input Validation
A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted `phar://` URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6339
reference_id
reference_type
scores
0
value 0.76091
scoring_system epss
scoring_elements 0.98913
published_at 2026-04-02T12:55:00Z
1
value 0.76091
scoring_system epss
scoring_elements 0.98921
published_at 2026-04-13T12:55:00Z
2
value 0.76091
scoring_system epss
scoring_elements 0.9892
published_at 2026-04-11T12:55:00Z
3
value 0.76091
scoring_system epss
scoring_elements 0.98918
published_at 2026-04-09T12:55:00Z
4
value 0.76091
scoring_system epss
scoring_elements 0.98919
published_at 2026-04-08T12:55:00Z
5
value 0.76091
scoring_system epss
scoring_elements 0.98917
published_at 2026-04-07T12:55:00Z
6
value 0.76091
scoring_system epss
scoring_elements 0.98912
published_at 2026-04-01T12:55:00Z
7
value 0.76091
scoring_system epss
scoring_elements 0.98915
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6339
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6338
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6338
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6339
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6339
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6339.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6339.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6339.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6339.yaml
5
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00004.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00004.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6339
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6339
7
reference_url https://www.debian.org/security/2019/dsa-4370
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4370
8
reference_url https://www.drupal.org/sa-core-2019-002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-002
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
12
reference_url https://github.com/advisories/GHSA-8cw5-rv98-5c46
reference_id GHSA-8cw5-rv98-5c46
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8cw5-rv98-5c46
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.9
purl pkg:composer/drupal/drupal@8.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.9
1
url pkg:composer/drupal/drupal@8.6.6
purl pkg:composer/drupal/drupal@8.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-565p-mgqe-gkfc
2
vulnerability VCID-636u-5bdw-puh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-djgn-ezxp-37eu
8
vulnerability VCID-jfq8-xxwa-mkd1
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-n119-gta2-kfg1
13
vulnerability VCID-n7un-zgqv-jfef
14
vulnerability VCID-pk74-yy1n-8qck
15
vulnerability VCID-r8pv-9upr-y7gd
16
vulnerability VCID-rhj7-dy7q-jkhw
17
vulnerability VCID-ty3y-k9t2-qyba
18
vulnerability VCID-u4w3-usvb-jyf6
19
vulnerability VCID-uqcw-p8g2-cfd2
20
vulnerability VCID-vevm-4sfk-f7gq
21
vulnerability VCID-w3q4-838v-97ck
22
vulnerability VCID-wbuz-qcp3-43aq
23
vulnerability VCID-wbvy-zrtk-audw
24
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.6
aliases CVE-2019-6339, GHSA-8cw5-rv98-5c46
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fka-y25d-m7a3
5
url VCID-3hf4-tvxn-zyh4
vulnerability_id VCID-3hf4-tvxn-zyh4
summary 
Files uploaded by anonymous users accessed by other users
Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core does not provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6922
reference_id
reference_type
scores
0
value 0.01788
scoring_system epss
scoring_elements 0.82674
published_at 2026-04-01T12:55:00Z
1
value 0.01788
scoring_system epss
scoring_elements 0.8274
published_at 2026-04-13T12:55:00Z
2
value 0.01788
scoring_system epss
scoring_elements 0.82744
published_at 2026-04-12T12:55:00Z
3
value 0.01788
scoring_system epss
scoring_elements 0.82749
published_at 2026-04-11T12:55:00Z
4
value 0.01788
scoring_system epss
scoring_elements 0.82732
published_at 2026-04-09T12:55:00Z
5
value 0.01788
scoring_system epss
scoring_elements 0.82726
published_at 2026-04-08T12:55:00Z
6
value 0.01788
scoring_system epss
scoring_elements 0.827
published_at 2026-04-07T12:55:00Z
7
value 0.01788
scoring_system epss
scoring_elements 0.82704
published_at 2026-04-04T12:55:00Z
8
value 0.01788
scoring_system epss
scoring_elements 0.8269
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6922
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6922
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6922
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6922.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6922.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6922.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6922.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6922
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6922
6
reference_url https://www.debian.org/security/2017/dsa-3897
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-3897
7
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
8
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
9
reference_url http://www.securityfocus.com/bid/99219
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99219
10
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
14
reference_url https://github.com/advisories/GHSA-58f3-cx8p-h8jg
reference_id GHSA-58f3-cx8p-h8jg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-58f3-cx8p-h8jg
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.4
purl pkg:composer/drupal/drupal@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.4
aliases CVE-2017-6922, GHSA-58f3-cx8p-h8jg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3hf4-tvxn-zyh4
6
url VCID-48ut-ykkc-83fx
vulnerability_id VCID-48ut-ykkc-83fx
summary 
Comment reply form allows access to restricted content
Users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments.
references
0
reference_url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6926
reference_id
reference_type
scores
url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6926
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6926
reference_id
reference_type
scores
0
value 0.00366
scoring_system epss
scoring_elements 0.58547
published_at 2026-04-13T12:55:00Z
1
value 0.00366
scoring_system epss
scoring_elements 0.58437
published_at 2026-04-01T12:55:00Z
2
value 0.00366
scoring_system epss
scoring_elements 0.58522
published_at 2026-04-02T12:55:00Z
3
value 0.00366
scoring_system epss
scoring_elements 0.58542
published_at 2026-04-04T12:55:00Z
4
value 0.00366
scoring_system epss
scoring_elements 0.58512
published_at 2026-04-07T12:55:00Z
5
value 0.00366
scoring_system epss
scoring_elements 0.58564
published_at 2026-04-08T12:55:00Z
6
value 0.00366
scoring_system epss
scoring_elements 0.58571
published_at 2026-04-09T12:55:00Z
7
value 0.00366
scoring_system epss
scoring_elements 0.58587
published_at 2026-04-11T12:55:00Z
8
value 0.00366
scoring_system epss
scoring_elements 0.58567
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6926
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6926.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6926.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6926.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6926.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6926
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6926
6
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
7
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
8
reference_url https://github.com/advisories/GHSA-2p28-5mvp-2j2r
reference_id GHSA-2p28-5mvp-2j2r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2p28-5mvp-2j2r
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6926, GHSA-2p28-5mvp-2j2r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48ut-ykkc-83fx
7
url VCID-4aer-46u2-23f6
vulnerability_id VCID-4aer-46u2-23f6
summary 
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the Enhanced Image plugin for CKEditor.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9861
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.5884
published_at 2026-04-11T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58802
published_at 2026-04-13T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58821
published_at 2026-04-12T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58698
published_at 2026-04-01T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58772
published_at 2026-04-02T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58794
published_at 2026-04-04T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58763
published_at 2026-04-07T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58815
published_at 2026-04-08T12:55:00Z
8
value 0.00369
scoring_system epss
scoring_elements 0.58822
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9861
1
reference_url https://github.com/ckeditor/ckeditor-dev/blob/master/CHANGES.md
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor-dev/blob/master/CHANGES.md
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-9861.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-9861.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-9861.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-9861.yaml
4
reference_url https://www.drupal.org/sa-core-2018-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-003
5
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
6
reference_url http://www.securityfocus.com/bid/103924
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103924
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ckeditor:enhanced_image:*:*:*:*:*:ckeditor:*:*
reference_id cpe:2.3:a:ckeditor:enhanced_image:*:*:*:*:*:ckeditor:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ckeditor:enhanced_image:*:*:*:*:*:ckeditor:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-9861
reference_id CVE-2018-9861
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-9861
10
reference_url https://github.com/advisories/GHSA-g78h-pf65-46rv
reference_id GHSA-g78h-pf65-46rv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g78h-pf65-46rv
11
reference_url https://usn.ubuntu.com/5340-1/
reference_id USN-5340-1
reference_type
scores
url https://usn.ubuntu.com/5340-1/
12
reference_url https://usn.ubuntu.com/USN-5340-2/
reference_id USN-USN-5340-2
reference_type
scores
url https://usn.ubuntu.com/USN-5340-2/
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.7
purl pkg:composer/drupal/drupal@8.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-gzcu-sbks-wyfa
13
vulnerability VCID-jfq8-xxwa-mkd1
14
vulnerability VCID-k1gx-nznx-7qd6
15
vulnerability VCID-kh51-g4cv-tqaw
16
vulnerability VCID-mapb-hsvc-2khc
17
vulnerability VCID-n119-gta2-kfg1
18
vulnerability VCID-n7un-zgqv-jfef
19
vulnerability VCID-nd8n-5dsu-2fbp
20
vulnerability VCID-pk74-yy1n-8qck
21
vulnerability VCID-r8pv-9upr-y7gd
22
vulnerability VCID-rhj7-dy7q-jkhw
23
vulnerability VCID-rr4q-f5cv-nkah
24
vulnerability VCID-t84c-8r34-57b9
25
vulnerability VCID-ty3y-k9t2-qyba
26
vulnerability VCID-u1xx-aazv-bkg5
27
vulnerability VCID-u4w3-usvb-jyf6
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-utyg-huhu-2ucq
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vq5y-hdw3-nucj
32
vulnerability VCID-w3q4-838v-97ck
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-wbvy-zrtk-audw
35
vulnerability VCID-ww44-hb2y-mfd5
36
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.7
1
url pkg:composer/drupal/drupal@8.5.2
purl pkg:composer/drupal/drupal@8.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-djgn-ezxp-37eu
13
vulnerability VCID-gzcu-sbks-wyfa
14
vulnerability VCID-jfq8-xxwa-mkd1
15
vulnerability VCID-k1gx-nznx-7qd6
16
vulnerability VCID-kh51-g4cv-tqaw
17
vulnerability VCID-mapb-hsvc-2khc
18
vulnerability VCID-n119-gta2-kfg1
19
vulnerability VCID-n7un-zgqv-jfef
20
vulnerability VCID-nd8n-5dsu-2fbp
21
vulnerability VCID-pk74-yy1n-8qck
22
vulnerability VCID-r8pv-9upr-y7gd
23
vulnerability VCID-rhj7-dy7q-jkhw
24
vulnerability VCID-rr4q-f5cv-nkah
25
vulnerability VCID-t84c-8r34-57b9
26
vulnerability VCID-ty3y-k9t2-qyba
27
vulnerability VCID-u1xx-aazv-bkg5
28
vulnerability VCID-u4w3-usvb-jyf6
29
vulnerability VCID-uqcw-p8g2-cfd2
30
vulnerability VCID-utyg-huhu-2ucq
31
vulnerability VCID-vevm-4sfk-f7gq
32
vulnerability VCID-vq5y-hdw3-nucj
33
vulnerability VCID-w3q4-838v-97ck
34
vulnerability VCID-wbuz-qcp3-43aq
35
vulnerability VCID-wbvy-zrtk-audw
36
vulnerability VCID-ww44-hb2y-mfd5
37
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.2
aliases CVE-2018-9861, GHSA-g78h-pf65-46rv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4aer-46u2-23f6
8
url VCID-4wwt-vt76-dbe1
vulnerability_id VCID-4wwt-vt76-dbe1
summary 
Cross-site Scripting in HTTP exceptions
An attacker can create a specially crafted url, which can execute arbitrary code in the victim’s browser if loaded. Drupal is not properly sanitizing an exception.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7571
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.6002
published_at 2026-04-02T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.60045
published_at 2026-04-04T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.59943
published_at 2026-04-01T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.60068
published_at 2026-04-13T12:55:00Z
4
value 0.0039
scoring_system epss
scoring_elements 0.60085
published_at 2026-04-12T12:55:00Z
5
value 0.0039
scoring_system epss
scoring_elements 0.601
published_at 2026-04-11T12:55:00Z
6
value 0.0039
scoring_system epss
scoring_elements 0.60079
published_at 2026-04-09T12:55:00Z
7
value 0.0039
scoring_system epss
scoring_elements 0.60065
published_at 2026-04-08T12:55:00Z
8
value 0.0039
scoring_system epss
scoring_elements 0.60015
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7571
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7571.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7571.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7571.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7571.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7571
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7571
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-vhg8-x858-7wq6
reference_id GHSA-vhg8-x858-7wq6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vhg8-x858-7wq6
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.10
purl pkg:composer/drupal/drupal@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-d4qd-ut89-gbf4
18
vulnerability VCID-dgjq-y5zj-cud1
19
vulnerability VCID-fm5k-u7s6-wfhb
20
vulnerability VCID-g1rp-twzp-63e1
21
vulnerability VCID-ga35-289v-vqhr
22
vulnerability VCID-gzcu-sbks-wyfa
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-mapb-hsvc-2khc
30
vulnerability VCID-n119-gta2-kfg1
31
vulnerability VCID-n7un-zgqv-jfef
32
vulnerability VCID-nc36-atc6-yua6
33
vulnerability VCID-nd8n-5dsu-2fbp
34
vulnerability VCID-pk74-yy1n-8qck
35
vulnerability VCID-r8pv-9upr-y7gd
36
vulnerability VCID-rhj7-dy7q-jkhw
37
vulnerability VCID-rr4q-f5cv-nkah
38
vulnerability VCID-s9kv-9qfu-gbdq
39
vulnerability VCID-sktb-khbq-cuaq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-vy1y-zkf3-4ue4
49
vulnerability VCID-w3q4-838v-97ck
50
vulnerability VCID-wbuz-qcp3-43aq
51
vulnerability VCID-wbvy-zrtk-audw
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-y74s-ghyc-2bhs
55
vulnerability VCID-yare-57j9-j7cs
56
vulnerability VCID-ymka-jfep-87gt
57
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.10
aliases CVE-2016-7571, GHSA-vhg8-x858-7wq6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wwt-vt76-dbe1
9
url VCID-53h1-sj47-gugn
vulnerability_id VCID-53h1-sj47-gugn
summary 
Improper Access Control
The File module in Drupal allows remote authenticated users to bypass access restrictions and read, delete, or substitute a link to a file uploaded to an unprocessed form by leveraging permission to create content or comment and upload files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3162
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.52637
published_at 2026-04-01T12:55:00Z
1
value 0.00294
scoring_system epss
scoring_elements 0.52734
published_at 2026-04-13T12:55:00Z
2
value 0.00294
scoring_system epss
scoring_elements 0.5275
published_at 2026-04-12T12:55:00Z
3
value 0.00294
scoring_system epss
scoring_elements 0.52766
published_at 2026-04-11T12:55:00Z
4
value 0.00294
scoring_system epss
scoring_elements 0.52716
published_at 2026-04-09T12:55:00Z
5
value 0.00294
scoring_system epss
scoring_elements 0.52722
published_at 2026-04-08T12:55:00Z
6
value 0.00294
scoring_system epss
scoring_elements 0.52671
published_at 2026-04-07T12:55:00Z
7
value 0.00294
scoring_system epss
scoring_elements 0.52706
published_at 2026-04-04T12:55:00Z
8
value 0.00294
scoring_system epss
scoring_elements 0.5268
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3162
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3162.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3162.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3162.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3162.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3162
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3162
11
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
12
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
13
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
78
reference_url https://github.com/advisories/GHSA-w2pj-c8x5-jvg2
reference_id GHSA-w2pj-c8x5-jvg2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2pj-c8x5-jvg2
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3162, GHSA-w2pj-c8x5-jvg2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53h1-sj47-gugn
10
url VCID-565p-mgqe-gkfc
vulnerability_id VCID-565p-mgqe-gkfc
summary Cross-site Scripting vulnerability in drupal.
references
0
reference_url https://www.drupal.org/sa-core-2019-004
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2019-004
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.12
purl pkg:composer/drupal/drupal@8.6.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-636u-5bdw-puh4
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-djgn-ezxp-37eu
7
vulnerability VCID-jfq8-xxwa-mkd1
8
vulnerability VCID-k1gx-nznx-7qd6
9
vulnerability VCID-kh51-g4cv-tqaw
10
vulnerability VCID-mapb-hsvc-2khc
11
vulnerability VCID-n119-gta2-kfg1
12
vulnerability VCID-n7un-zgqv-jfef
13
vulnerability VCID-pk74-yy1n-8qck
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-ty3y-k9t2-qyba
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-w3q4-838v-97ck
20
vulnerability VCID-wbuz-qcp3-43aq
21
vulnerability VCID-wbvy-zrtk-audw
22
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.12
aliases 2019-03-20
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-565p-mgqe-gkfc
11
url VCID-5tqs-qmqn-gug5
vulnerability_id VCID-5tqs-qmqn-gug5
summary 
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution
The Contextual Links module doesn't sufficiently validate the requested contextual links.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access contextual links".
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-5.yaml
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-5.yaml
2
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-006
3
reference_url https://github.com/advisories/GHSA-jjx7-8462-w4m4
reference_id GHSA-jjx7-8462-w4m4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjx7-8462-w4m4
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.8
purl pkg:composer/drupal/drupal@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-c9dm-17vt-4bbc
8
vulnerability VCID-cucx-jfqf-pkd1
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-djgn-ezxp-37eu
11
vulnerability VCID-gzcu-sbks-wyfa
12
vulnerability VCID-jfq8-xxwa-mkd1
13
vulnerability VCID-k1gx-nznx-7qd6
14
vulnerability VCID-kh51-g4cv-tqaw
15
vulnerability VCID-mapb-hsvc-2khc
16
vulnerability VCID-n119-gta2-kfg1
17
vulnerability VCID-n7un-zgqv-jfef
18
vulnerability VCID-nd8n-5dsu-2fbp
19
vulnerability VCID-pk74-yy1n-8qck
20
vulnerability VCID-r8pv-9upr-y7gd
21
vulnerability VCID-rhj7-dy7q-jkhw
22
vulnerability VCID-rr4q-f5cv-nkah
23
vulnerability VCID-ty3y-k9t2-qyba
24
vulnerability VCID-u1xx-aazv-bkg5
25
vulnerability VCID-u4w3-usvb-jyf6
26
vulnerability VCID-uqcw-p8g2-cfd2
27
vulnerability VCID-vevm-4sfk-f7gq
28
vulnerability VCID-w3q4-838v-97ck
29
vulnerability VCID-wbuz-qcp3-43aq
30
vulnerability VCID-wbvy-zrtk-audw
31
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.8
1
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases GHSA-jjx7-8462-w4m4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tqs-qmqn-gug5
12
url VCID-636u-5bdw-puh4
vulnerability_id VCID-636u-5bdw-puh4
summary 
Cross-site Scripting
In Symfony, validation messages are not escaped, which can lead to XSS when user input is included.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58747
published_at 2026-04-02T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58776
published_at 2026-04-13T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58814
published_at 2026-04-11T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58795
published_at 2026-04-12T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58788
published_at 2026-04-08T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58736
published_at 2026-04-07T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58768
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58663
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10909
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14773
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19789
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19790
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10909
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10910
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10911
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10912
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10913
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-10909.yaml
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-10909.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/framework-bundle/CVE-2019-10909.yaml
12
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2019-10909.yaml
13
reference_url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/symfony/symfony/commit/ab4d05358c3d0dd1a36fc8c306829f68e3dd84e2
14
reference_url https://www.drupal.org/sa-core-2019-005
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-005
15
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_19
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10909
17
reference_url https://symfony.com/cve-2019-10909
reference_id CVE-2019-10909
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/cve-2019-10909
18
reference_url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
reference_id CVE-2019-10909-ESCAPE-VALIDATION-MESSAGES-IN-THE-PHP-TEMPLATING-ENGINE
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
19
reference_url https://github.com/advisories/GHSA-g996-q5r8-w7g2
reference_id GHSA-g996-q5r8-w7g2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g996-q5r8-w7g2
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.15
purl pkg:composer/drupal/drupal@8.5.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-jfq8-xxwa-mkd1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-pk74-yy1n-8qck
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-ty3y-k9t2-qyba
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-uqcw-p8g2-cfd2
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-w3q4-838v-97ck
18
vulnerability VCID-wbuz-qcp3-43aq
19
vulnerability VCID-wbvy-zrtk-audw
20
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.15
1
url pkg:composer/drupal/drupal@8.6.15
purl pkg:composer/drupal/drupal@8.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-jfq8-xxwa-mkd1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-pk74-yy1n-8qck
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-ty3y-k9t2-qyba
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-uqcw-p8g2-cfd2
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-w3q4-838v-97ck
18
vulnerability VCID-wbuz-qcp3-43aq
19
vulnerability VCID-wbvy-zrtk-audw
20
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.15
aliases CVE-2019-10909, GHSA-g996-q5r8-w7g2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-636u-5bdw-puh4
13
url VCID-6ck5-9e5b-w3ay
vulnerability_id VCID-6ck5-9e5b-w3ay
summary 
Improper access control
In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the "private" file system. However, some contributed modules provide additional file systems, or schemes, which may lead to this vulnerability. This vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9) $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7) $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing files or image styles after updating.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25275
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59084
published_at 2026-04-02T12:55:00Z
1
value 0.00375
scoring_system epss
scoring_elements 0.59071
published_at 2026-04-07T12:55:00Z
2
value 0.00375
scoring_system epss
scoring_elements 0.59107
published_at 2026-04-13T12:55:00Z
3
value 0.00375
scoring_system epss
scoring_elements 0.59144
published_at 2026-04-11T12:55:00Z
4
value 0.00375
scoring_system epss
scoring_elements 0.59126
published_at 2026-04-12T12:55:00Z
5
value 0.00375
scoring_system epss
scoring_elements 0.59123
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25275
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/2d5f47fc8a166115f56c2330a81e83abe22445cf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/2d5f47fc8a166115f56c2330a81e83abe22445cf
3
reference_url https://github.com/drupal/core/commit/e2fbf63700819cb470a1be425798f1a3f2020116
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/e2fbf63700819cb470a1be425798f1a3f2020116
4
reference_url https://www.drupal.org/sa-core-2022-012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-03T18:45:46Z/
url https://www.drupal.org/sa-core-2022-012
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25275
reference_id CVE-2022-25275
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25275
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25275.yaml
reference_id CVE-2022-25275.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25275.yaml
7
reference_url https://github.com/advisories/GHSA-xh3v-6f9j-wxw3
reference_id GHSA-xh3v-6f9j-wxw3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xh3v-6f9j-wxw3
fixed_packages
0
url pkg:composer/drupal/drupal@9.3.19
purl pkg:composer/drupal/drupal@9.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-u4w3-usvb-jyf6
5
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.19
1
url pkg:composer/drupal/drupal@9.4.3
purl pkg:composer/drupal/drupal@9.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-bk92-66re-dkc5
3
vulnerability VCID-q4qx-7s1y-q3hc
4
vulnerability VCID-rdgr-yuu7-xkey
5
vulnerability VCID-u4w3-usvb-jyf6
6
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.4.3
aliases CVE-2022-25275, GHSA-xh3v-6f9j-wxw3, GMS-2022-3362
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ck5-9e5b-w3ay
14
url VCID-6m8x-cfzp-tkf4
vulnerability_id VCID-6m8x-cfzp-tkf4
summary 
Drupal core Unrestricted Upload of File with Dangerous Type
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13671
reference_id
reference_type
scores
0
value 0.04504
scoring_system epss
scoring_elements 0.89078
published_at 2026-04-01T12:55:00Z
1
value 0.04504
scoring_system epss
scoring_elements 0.89133
published_at 2026-04-13T12:55:00Z
2
value 0.04504
scoring_system epss
scoring_elements 0.89135
published_at 2026-04-12T12:55:00Z
3
value 0.04504
scoring_system epss
scoring_elements 0.89138
published_at 2026-04-11T12:55:00Z
4
value 0.04504
scoring_system epss
scoring_elements 0.89127
published_at 2026-04-09T12:55:00Z
5
value 0.04504
scoring_system epss
scoring_elements 0.89122
published_at 2026-04-08T12:55:00Z
6
value 0.04504
scoring_system epss
scoring_elements 0.89105
published_at 2026-04-07T12:55:00Z
7
value 0.04504
scoring_system epss
scoring_elements 0.89102
published_at 2026-04-04T12:55:00Z
8
value 0.04504
scoring_system epss
scoring_elements 0.89087
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13671
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT
6
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-13671
7
reference_url https://www.drupal.org/sa-core-2020-012
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:31Z/
url https://www.drupal.org/sa-core-2020-012
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/
reference_id 5KSFM672XW3X6BR7TVKRD63SLZGKK437
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KSFM672XW3X6BR7TVKRD63SLZGKK437/
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13671
reference_id CVE-2020-13671
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13671
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13671.yaml
reference_id CVE-2020-13671.YAML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13671.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13671.yaml
reference_id CVE-2020-13671.YAML
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13671.yaml
12
reference_url https://github.com/advisories/GHSA-68jc-v27h-vhmw
reference_id GHSA-68jc-v27h-vhmw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-68jc-v27h-vhmw
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/
reference_id KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWM4CTMEGAC4I2CHYNJVSROY4CVXVEUT/
14
reference_url https://usn.ubuntu.com/6981-1/
reference_id USN-6981-1
reference_type
scores
url https://usn.ubuntu.com/6981-1/
15
reference_url https://usn.ubuntu.com/6981-2/
reference_id USN-6981-2
reference_type
scores
url https://usn.ubuntu.com/6981-2/
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.11
purl pkg:composer/drupal/drupal@8.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-gbz5-5frj-hber
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n7un-zgqv-jfef
9
vulnerability VCID-q4qx-7s1y-q3hc
10
vulnerability VCID-r8pv-9upr-y7gd
11
vulnerability VCID-rdgr-yuu7-xkey
12
vulnerability VCID-u4w3-usvb-jyf6
13
vulnerability VCID-v9v6-ae3e-g3hk
14
vulnerability VCID-vevm-4sfk-f7gq
15
vulnerability VCID-wbuz-qcp3-43aq
16
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.11
1
url pkg:composer/drupal/drupal@8.9.9
purl pkg:composer/drupal/drupal@8.9.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-gbz5-5frj-hber
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kc7d-5k6x-77bp
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-rdgr-yuu7-xkey
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-v9v6-ae3e-g3hk
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.9
2
url pkg:composer/drupal/drupal@9.0.8
purl pkg:composer/drupal/drupal@9.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-gbz5-5frj-hber
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kc7d-5k6x-77bp
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-rdgr-yuu7-xkey
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-v9v6-ae3e-g3hk
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.8
aliases CVE-2020-13671, GHSA-68jc-v27h-vhmw
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6m8x-cfzp-tkf4
15
url VCID-8nda-kjr2-ufd4
vulnerability_id VCID-8nda-kjr2-ufd4
summary 
Drupal core Remote Code Execution
In Drupal core, when sending email some variables were not being sanitized for shell arguments in `DefaultMailSystem::mail()`, which could lead to remote code execution.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-4.yaml
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-4.yaml
2
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
0
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-006
3
reference_url https://github.com/advisories/GHSA-jf8c-36vw-98x4
reference_id GHSA-jf8c-36vw-98x4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jf8c-36vw-98x4
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.8
purl pkg:composer/drupal/drupal@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-c9dm-17vt-4bbc
8
vulnerability VCID-cucx-jfqf-pkd1
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-djgn-ezxp-37eu
11
vulnerability VCID-gzcu-sbks-wyfa
12
vulnerability VCID-jfq8-xxwa-mkd1
13
vulnerability VCID-k1gx-nznx-7qd6
14
vulnerability VCID-kh51-g4cv-tqaw
15
vulnerability VCID-mapb-hsvc-2khc
16
vulnerability VCID-n119-gta2-kfg1
17
vulnerability VCID-n7un-zgqv-jfef
18
vulnerability VCID-nd8n-5dsu-2fbp
19
vulnerability VCID-pk74-yy1n-8qck
20
vulnerability VCID-r8pv-9upr-y7gd
21
vulnerability VCID-rhj7-dy7q-jkhw
22
vulnerability VCID-rr4q-f5cv-nkah
23
vulnerability VCID-ty3y-k9t2-qyba
24
vulnerability VCID-u1xx-aazv-bkg5
25
vulnerability VCID-u4w3-usvb-jyf6
26
vulnerability VCID-uqcw-p8g2-cfd2
27
vulnerability VCID-vevm-4sfk-f7gq
28
vulnerability VCID-w3q4-838v-97ck
29
vulnerability VCID-wbuz-qcp3-43aq
30
vulnerability VCID-wbvy-zrtk-audw
31
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.8
1
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases GHSA-jf8c-36vw-98x4
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nda-kjr2-ufd4
16
url VCID-9f24-vqyt-r7dq
vulnerability_id VCID-9f24-vqyt-r7dq
summary 
Language fallback can be incorrect on multilingual sites with node access restrictions
When using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node. This can result in an access bypass vulnerability. This issue is mitigated by the fact that it only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records(). Note that the update will mark the node access tables as needing a rebuild, which will take a long time on sites with a large number of nodes.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6930
reference_id
reference_type
scores
0
value 0.00424
scoring_system epss
scoring_elements 0.6218
published_at 2026-04-13T12:55:00Z
1
value 0.00424
scoring_system epss
scoring_elements 0.62065
published_at 2026-04-01T12:55:00Z
2
value 0.00424
scoring_system epss
scoring_elements 0.62125
published_at 2026-04-02T12:55:00Z
3
value 0.00424
scoring_system epss
scoring_elements 0.62156
published_at 2026-04-04T12:55:00Z
4
value 0.00424
scoring_system epss
scoring_elements 0.62126
published_at 2026-04-07T12:55:00Z
5
value 0.00424
scoring_system epss
scoring_elements 0.62176
published_at 2026-04-08T12:55:00Z
6
value 0.00424
scoring_system epss
scoring_elements 0.62194
published_at 2026-04-09T12:55:00Z
7
value 0.00424
scoring_system epss
scoring_elements 0.62211
published_at 2026-04-11T12:55:00Z
8
value 0.00424
scoring_system epss
scoring_elements 0.62201
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6930
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6930.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6930.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6930.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6930.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6930
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6930
5
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
6
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
7
reference_url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6930
reference_id
reference_type
scores
url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6930
8
reference_url https://github.com/advisories/GHSA-3327-jr93-7hq3
reference_id GHSA-3327-jr93-7hq3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3327-jr93-7hq3
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6930, GHSA-3327-jr93-7hq3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9f24-vqyt-r7dq
17
url VCID-9vdz-1jpq-kue3
vulnerability_id VCID-9vdz-1jpq-kue3
summary 
Cross-site Scripting
XSS vulnerabiltiy in drupal.
references
0
reference_url https://www.drupal.org/sa-core-2018-003
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-003
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.7
purl pkg:composer/drupal/drupal@8.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-gzcu-sbks-wyfa
13
vulnerability VCID-jfq8-xxwa-mkd1
14
vulnerability VCID-k1gx-nznx-7qd6
15
vulnerability VCID-kh51-g4cv-tqaw
16
vulnerability VCID-mapb-hsvc-2khc
17
vulnerability VCID-n119-gta2-kfg1
18
vulnerability VCID-n7un-zgqv-jfef
19
vulnerability VCID-nd8n-5dsu-2fbp
20
vulnerability VCID-pk74-yy1n-8qck
21
vulnerability VCID-r8pv-9upr-y7gd
22
vulnerability VCID-rhj7-dy7q-jkhw
23
vulnerability VCID-rr4q-f5cv-nkah
24
vulnerability VCID-t84c-8r34-57b9
25
vulnerability VCID-ty3y-k9t2-qyba
26
vulnerability VCID-u1xx-aazv-bkg5
27
vulnerability VCID-u4w3-usvb-jyf6
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-utyg-huhu-2ucq
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vq5y-hdw3-nucj
32
vulnerability VCID-w3q4-838v-97ck
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-wbvy-zrtk-audw
35
vulnerability VCID-ww44-hb2y-mfd5
36
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.7
1
url pkg:composer/drupal/drupal@8.5.0-alpha1
purl pkg:composer/drupal/drupal@8.5.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-gzcu-sbks-wyfa
13
vulnerability VCID-jfq8-xxwa-mkd1
14
vulnerability VCID-k1gx-nznx-7qd6
15
vulnerability VCID-kh51-g4cv-tqaw
16
vulnerability VCID-mapb-hsvc-2khc
17
vulnerability VCID-n119-gta2-kfg1
18
vulnerability VCID-n7un-zgqv-jfef
19
vulnerability VCID-nc36-atc6-yua6
20
vulnerability VCID-nd8n-5dsu-2fbp
21
vulnerability VCID-pk74-yy1n-8qck
22
vulnerability VCID-r8pv-9upr-y7gd
23
vulnerability VCID-rhj7-dy7q-jkhw
24
vulnerability VCID-rr4q-f5cv-nkah
25
vulnerability VCID-t84c-8r34-57b9
26
vulnerability VCID-ty3y-k9t2-qyba
27
vulnerability VCID-u1xx-aazv-bkg5
28
vulnerability VCID-u4w3-usvb-jyf6
29
vulnerability VCID-uqcw-p8g2-cfd2
30
vulnerability VCID-utyg-huhu-2ucq
31
vulnerability VCID-vevm-4sfk-f7gq
32
vulnerability VCID-vq5y-hdw3-nucj
33
vulnerability VCID-w3q4-838v-97ck
34
vulnerability VCID-wbuz-qcp3-43aq
35
vulnerability VCID-wbvy-zrtk-audw
36
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.0-alpha1
2
url pkg:composer/drupal/drupal@8.5.2
purl pkg:composer/drupal/drupal@8.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-djgn-ezxp-37eu
13
vulnerability VCID-gzcu-sbks-wyfa
14
vulnerability VCID-jfq8-xxwa-mkd1
15
vulnerability VCID-k1gx-nznx-7qd6
16
vulnerability VCID-kh51-g4cv-tqaw
17
vulnerability VCID-mapb-hsvc-2khc
18
vulnerability VCID-n119-gta2-kfg1
19
vulnerability VCID-n7un-zgqv-jfef
20
vulnerability VCID-nd8n-5dsu-2fbp
21
vulnerability VCID-pk74-yy1n-8qck
22
vulnerability VCID-r8pv-9upr-y7gd
23
vulnerability VCID-rhj7-dy7q-jkhw
24
vulnerability VCID-rr4q-f5cv-nkah
25
vulnerability VCID-t84c-8r34-57b9
26
vulnerability VCID-ty3y-k9t2-qyba
27
vulnerability VCID-u1xx-aazv-bkg5
28
vulnerability VCID-u4w3-usvb-jyf6
29
vulnerability VCID-uqcw-p8g2-cfd2
30
vulnerability VCID-utyg-huhu-2ucq
31
vulnerability VCID-vevm-4sfk-f7gq
32
vulnerability VCID-vq5y-hdw3-nucj
33
vulnerability VCID-w3q4-838v-97ck
34
vulnerability VCID-wbuz-qcp3-43aq
35
vulnerability VCID-wbvy-zrtk-audw
36
vulnerability VCID-ww44-hb2y-mfd5
37
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.2
aliases 2018-04-18
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vdz-1jpq-kue3
18
url VCID-9wt5-xe6d-n3cb
vulnerability_id VCID-9wt5-xe6d-n3cb
summary 
Open redirect via path manipulation
Drupal might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on an error page, related to path manipulation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3164
reference_id
reference_type
scores
0
value 0.007
scoring_system epss
scoring_elements 0.71951
published_at 2026-04-01T12:55:00Z
1
value 0.007
scoring_system epss
scoring_elements 0.71998
published_at 2026-04-13T12:55:00Z
2
value 0.007
scoring_system epss
scoring_elements 0.72013
published_at 2026-04-12T12:55:00Z
3
value 0.007
scoring_system epss
scoring_elements 0.72029
published_at 2026-04-11T12:55:00Z
4
value 0.007
scoring_system epss
scoring_elements 0.72005
published_at 2026-04-09T12:55:00Z
5
value 0.007
scoring_system epss
scoring_elements 0.71993
published_at 2026-04-08T12:55:00Z
6
value 0.007
scoring_system epss
scoring_elements 0.71954
published_at 2026-04-07T12:55:00Z
7
value 0.007
scoring_system epss
scoring_elements 0.71978
published_at 2026-04-04T12:55:00Z
8
value 0.007
scoring_system epss
scoring_elements 0.71958
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3164
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3164.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3164.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3164.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3164.yaml
10
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
11
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
12
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
13
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
114
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
115
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
116
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
117
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
118
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
119
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
120
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
121
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
122
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
123
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
124
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
125
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
126
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
127
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
128
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
129
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
130
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
131
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
132
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
133
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
134
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
135
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
136
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
137
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
138
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
139
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
140
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
141
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
142
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
143
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
144
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
145
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
146
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
147
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
148
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
149
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
150
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
151
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
152
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
153
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
154
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
155
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
156
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
157
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3164
reference_id CVE-2016-3164
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3164
158
reference_url https://github.com/advisories/GHSA-836p-6p4j-35cg
reference_id GHSA-836p-6p4j-35cg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-836p-6p4j-35cg
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3164, GHSA-836p-6p4j-35cg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wt5-xe6d-n3cb
19
url VCID-bbzr-hbhv-yyee
vulnerability_id VCID-bbzr-hbhv-yyee
summary 
Improper Input Validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25273
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.51563
published_at 2026-04-04T12:55:00Z
1
value 0.00282
scoring_system epss
scoring_elements 0.51586
published_at 2026-04-13T12:55:00Z
2
value 0.00282
scoring_system epss
scoring_elements 0.51603
published_at 2026-04-12T12:55:00Z
3
value 0.00282
scoring_system epss
scoring_elements 0.51577
published_at 2026-04-08T12:55:00Z
4
value 0.00282
scoring_system epss
scoring_elements 0.51523
published_at 2026-04-07T12:55:00Z
5
value 0.00282
scoring_system epss
scoring_elements 0.51624
published_at 2026-04-11T12:55:00Z
6
value 0.00282
scoring_system epss
scoring_elements 0.51574
published_at 2026-04-09T12:55:00Z
7
value 0.00282
scoring_system epss
scoring_elements 0.51536
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25273
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2022-008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-03T19:19:11Z/
url https://www.drupal.org/sa-core-2022-008
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25273
reference_id CVE-2022-25273
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25273
4
reference_url https://github.com/advisories/GHSA-g36h-4jr6-qmm9
reference_id GHSA-g36h-4jr6-qmm9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g36h-4jr6-qmm9
fixed_packages
0
url pkg:composer/drupal/drupal@9.2.18
purl pkg:composer/drupal/drupal@9.2.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-674z-nf4t-b7ez
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-rdgr-yuu7-xkey
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.2.18
1
url pkg:composer/drupal/drupal@9.3.12
purl pkg:composer/drupal/drupal@9.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-674z-nf4t-b7ez
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-rdgr-yuu7-xkey
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.12
aliases CVE-2022-25273, GHSA-g36h-4jr6-qmm9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbzr-hbhv-yyee
20
url VCID-c9dm-17vt-4bbc
vulnerability_id VCID-c9dm-17vt-4bbc
summary Improper Access Control in drupal.
references
0
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-006
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases 2018-10-17-1
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9dm-17vt-4bbc
21
url VCID-cucx-jfqf-pkd1
vulnerability_id VCID-cucx-jfqf-pkd1
summary 
Deserialization of Untrusted Data
Drupal core uses the third-party PEAR `Archive_Tar` library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6338
reference_id
reference_type
scores
0
value 0.01047
scoring_system epss
scoring_elements 0.77449
published_at 2026-04-01T12:55:00Z
1
value 0.01047
scoring_system epss
scoring_elements 0.77504
published_at 2026-04-13T12:55:00Z
2
value 0.01047
scoring_system epss
scoring_elements 0.77507
published_at 2026-04-12T12:55:00Z
3
value 0.01047
scoring_system epss
scoring_elements 0.77526
published_at 2026-04-11T12:55:00Z
4
value 0.01047
scoring_system epss
scoring_elements 0.775
published_at 2026-04-09T12:55:00Z
5
value 0.01047
scoring_system epss
scoring_elements 0.77491
published_at 2026-04-08T12:55:00Z
6
value 0.01047
scoring_system epss
scoring_elements 0.77461
published_at 2026-04-07T12:55:00Z
7
value 0.01047
scoring_system epss
scoring_elements 0.7748
published_at 2026-04-04T12:55:00Z
8
value 0.01047
scoring_system epss
scoring_elements 0.77455
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6338
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6338
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6338
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6339
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6339
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6338.yaml
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6338.yaml
4
reference_url https://lists.debian.org/debian-lts-announce/2019/02/msg00032.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/02/msg00032.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6338
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6338
6
reference_url https://www.debian.org/security/2019/dsa-4370
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4370
7
reference_url https://www.drupal.org/sa-core-2019-001
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-001
8
reference_url http://www.securityfocus.com/bid/106706
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106706
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
12
reference_url https://github.com/advisories/GHSA-6rmq-x2hv-vxpp
reference_id GHSA-6rmq-x2hv-vxpp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6rmq-x2hv-vxpp
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.9
purl pkg:composer/drupal/drupal@8.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.9
1
url pkg:composer/drupal/drupal@8.6.6
purl pkg:composer/drupal/drupal@8.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-565p-mgqe-gkfc
2
vulnerability VCID-636u-5bdw-puh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-djgn-ezxp-37eu
8
vulnerability VCID-jfq8-xxwa-mkd1
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-n119-gta2-kfg1
13
vulnerability VCID-n7un-zgqv-jfef
14
vulnerability VCID-pk74-yy1n-8qck
15
vulnerability VCID-r8pv-9upr-y7gd
16
vulnerability VCID-rhj7-dy7q-jkhw
17
vulnerability VCID-ty3y-k9t2-qyba
18
vulnerability VCID-u4w3-usvb-jyf6
19
vulnerability VCID-uqcw-p8g2-cfd2
20
vulnerability VCID-vevm-4sfk-f7gq
21
vulnerability VCID-w3q4-838v-97ck
22
vulnerability VCID-wbuz-qcp3-43aq
23
vulnerability VCID-wbvy-zrtk-audw
24
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.6
aliases CVE-2019-6338, GHSA-6rmq-x2hv-vxpp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cucx-jfqf-pkd1
22
url VCID-d4qd-ut89-gbf4
vulnerability_id VCID-d4qd-ut89-gbf4
summary 
Remote code execution
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal. To be sure you aren’t vulnerable, you can remove the /vendor/phpunit directory from the site root of your production deployments.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6381
reference_id
reference_type
scores
0
value 0.03314
scoring_system epss
scoring_elements 0.87217
published_at 2026-04-02T12:55:00Z
1
value 0.03314
scoring_system epss
scoring_elements 0.87259
published_at 2026-04-13T12:55:00Z
2
value 0.03314
scoring_system epss
scoring_elements 0.87263
published_at 2026-04-12T12:55:00Z
3
value 0.03314
scoring_system epss
scoring_elements 0.87269
published_at 2026-04-11T12:55:00Z
4
value 0.03314
scoring_system epss
scoring_elements 0.87233
published_at 2026-04-04T12:55:00Z
5
value 0.03314
scoring_system epss
scoring_elements 0.87207
published_at 2026-04-01T12:55:00Z
6
value 0.03314
scoring_system epss
scoring_elements 0.87257
published_at 2026-04-09T12:55:00Z
7
value 0.03314
scoring_system epss
scoring_elements 0.8725
published_at 2026-04-08T12:55:00Z
8
value 0.03314
scoring_system epss
scoring_elements 0.8723
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6381
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6381.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6381.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6381.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6381.yaml
4
reference_url https://www.drupal.org/SA-2017-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-001
5
reference_url http://www.securityfocus.com/bid/96919
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/96919
6
reference_url http://www.securitytracker.com/id/1038058
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038058
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6381
reference_id CVE-2017-6381
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6381
68
reference_url https://github.com/advisories/GHSA-rhx9-3qf7-r3j7
reference_id GHSA-rhx9-3qf7-r3j7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rhx9-3qf7-r3j7
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.0-beta1
purl pkg:composer/drupal/drupal@8.1.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-yare-57j9-j7cs
56
vulnerability VCID-ymka-jfep-87gt
57
vulnerability VCID-yrzt-3m97-53ce
58
vulnerability VCID-yty5-zn46-r3dj
59
vulnerability VCID-zawz-vky5-tkgt
60
vulnerability VCID-zvtp-4we3-qygx
61
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.0-beta1
1
url pkg:composer/drupal/drupal@8.2.0-beta1
purl pkg:composer/drupal/drupal@8.2.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hzr8-ttbu-ebhg
23
vulnerability VCID-jfq8-xxwa-mkd1
24
vulnerability VCID-jnu7-1j9c-dqck
25
vulnerability VCID-k1gx-nznx-7qd6
26
vulnerability VCID-kh51-g4cv-tqaw
27
vulnerability VCID-krhy-kg1b-rfbk
28
vulnerability VCID-mapb-hsvc-2khc
29
vulnerability VCID-n119-gta2-kfg1
30
vulnerability VCID-n7un-zgqv-jfef
31
vulnerability VCID-nc36-atc6-yua6
32
vulnerability VCID-nd8n-5dsu-2fbp
33
vulnerability VCID-pk74-yy1n-8qck
34
vulnerability VCID-r8pv-9upr-y7gd
35
vulnerability VCID-rhj7-dy7q-jkhw
36
vulnerability VCID-rr4q-f5cv-nkah
37
vulnerability VCID-s9kv-9qfu-gbdq
38
vulnerability VCID-sktb-khbq-cuaq
39
vulnerability VCID-t84c-8r34-57b9
40
vulnerability VCID-ty3y-k9t2-qyba
41
vulnerability VCID-u1xx-aazv-bkg5
42
vulnerability VCID-u4w3-usvb-jyf6
43
vulnerability VCID-uqcw-p8g2-cfd2
44
vulnerability VCID-utyg-huhu-2ucq
45
vulnerability VCID-vevm-4sfk-f7gq
46
vulnerability VCID-vq5y-hdw3-nucj
47
vulnerability VCID-vy1y-zkf3-4ue4
48
vulnerability VCID-w3q4-838v-97ck
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-wbvy-zrtk-audw
51
vulnerability VCID-ww44-hb2y-mfd5
52
vulnerability VCID-wwvq-399y-rfhc
53
vulnerability VCID-yare-57j9-j7cs
54
vulnerability VCID-ymka-jfep-87gt
55
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.0-beta1
2
url pkg:composer/drupal/drupal@8.2.2
purl pkg:composer/drupal/drupal@8.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hpsp-5qtj-v7dq
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-m1ur-bb9m-m7d5
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.2
3
url pkg:composer/drupal/drupal@8.2.7
purl pkg:composer/drupal/drupal@8.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hzr8-ttbu-ebhg
23
vulnerability VCID-jfq8-xxwa-mkd1
24
vulnerability VCID-jnu7-1j9c-dqck
25
vulnerability VCID-k1gx-nznx-7qd6
26
vulnerability VCID-kh51-g4cv-tqaw
27
vulnerability VCID-krhy-kg1b-rfbk
28
vulnerability VCID-mapb-hsvc-2khc
29
vulnerability VCID-n119-gta2-kfg1
30
vulnerability VCID-n7un-zgqv-jfef
31
vulnerability VCID-nc36-atc6-yua6
32
vulnerability VCID-nd8n-5dsu-2fbp
33
vulnerability VCID-pk74-yy1n-8qck
34
vulnerability VCID-r8pv-9upr-y7gd
35
vulnerability VCID-rhj7-dy7q-jkhw
36
vulnerability VCID-rr4q-f5cv-nkah
37
vulnerability VCID-s9kv-9qfu-gbdq
38
vulnerability VCID-t84c-8r34-57b9
39
vulnerability VCID-ty3y-k9t2-qyba
40
vulnerability VCID-u1xx-aazv-bkg5
41
vulnerability VCID-u4w3-usvb-jyf6
42
vulnerability VCID-uqcw-p8g2-cfd2
43
vulnerability VCID-utyg-huhu-2ucq
44
vulnerability VCID-vevm-4sfk-f7gq
45
vulnerability VCID-vq5y-hdw3-nucj
46
vulnerability VCID-w3q4-838v-97ck
47
vulnerability VCID-wbuz-qcp3-43aq
48
vulnerability VCID-wbvy-zrtk-audw
49
vulnerability VCID-ww44-hb2y-mfd5
50
vulnerability VCID-wwvq-399y-rfhc
51
vulnerability VCID-y74s-ghyc-2bhs
52
vulnerability VCID-yare-57j9-j7cs
53
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.7
aliases CVE-2017-6381, GHSA-rhx9-3qf7-r3j7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4qd-ut89-gbf4
23
url VCID-dgjq-y5zj-cud1
vulnerability_id VCID-dgjq-y5zj-cud1
summary 
Improper Access Control
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25278
reference_id
reference_type
scores
0
value 0.00452
scoring_system epss
scoring_elements 0.63732
published_at 2026-04-13T12:55:00Z
1
value 0.00452
scoring_system epss
scoring_elements 0.63711
published_at 2026-04-02T12:55:00Z
2
value 0.00452
scoring_system epss
scoring_elements 0.63737
published_at 2026-04-04T12:55:00Z
3
value 0.00452
scoring_system epss
scoring_elements 0.63697
published_at 2026-04-07T12:55:00Z
4
value 0.00452
scoring_system epss
scoring_elements 0.63749
published_at 2026-04-08T12:55:00Z
5
value 0.00452
scoring_system epss
scoring_elements 0.63766
published_at 2026-04-09T12:55:00Z
6
value 0.00452
scoring_system epss
scoring_elements 0.6378
published_at 2026-04-11T12:55:00Z
7
value 0.00452
scoring_system epss
scoring_elements 0.63765
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25278
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2022-013
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-03T18:39:47Z/
url https://www.drupal.org/sa-core-2022-013
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25278
reference_id CVE-2022-25278
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25278
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25278.yaml
reference_id CVE-2022-25278.YAML
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25278.yaml
5
reference_url https://github.com/advisories/GHSA-cfh2-7f6h-3m85
reference_id GHSA-cfh2-7f6h-3m85
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cfh2-7f6h-3m85
fixed_packages
0
url pkg:composer/drupal/drupal@9.3.19
purl pkg:composer/drupal/drupal@9.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-u4w3-usvb-jyf6
5
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.19
1
url pkg:composer/drupal/drupal@9.4.3
purl pkg:composer/drupal/drupal@9.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-bk92-66re-dkc5
3
vulnerability VCID-q4qx-7s1y-q3hc
4
vulnerability VCID-rdgr-yuu7-xkey
5
vulnerability VCID-u4w3-usvb-jyf6
6
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.4.3
aliases CVE-2022-25278, GHSA-cfh2-7f6h-3m85
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgjq-y5zj-cud1
24
url VCID-djgn-ezxp-37eu
vulnerability_id VCID-djgn-ezxp-37eu
summary 
Cross-site Scripting
Under certain circumstances the File `module/subsystem` allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6341
reference_id
reference_type
scores
0
value 0.46484
scoring_system epss
scoring_elements 0.9764
published_at 2026-04-02T12:55:00Z
1
value 0.46484
scoring_system epss
scoring_elements 0.97655
published_at 2026-04-13T12:55:00Z
2
value 0.46484
scoring_system epss
scoring_elements 0.97652
published_at 2026-04-11T12:55:00Z
3
value 0.46484
scoring_system epss
scoring_elements 0.9765
published_at 2026-04-09T12:55:00Z
4
value 0.46484
scoring_system epss
scoring_elements 0.97648
published_at 2026-04-08T12:55:00Z
5
value 0.46484
scoring_system epss
scoring_elements 0.97644
published_at 2026-04-07T12:55:00Z
6
value 0.46484
scoring_system epss
scoring_elements 0.97642
published_at 2026-04-04T12:55:00Z
7
value 0.46484
scoring_system epss
scoring_elements 0.97634
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6341
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6341
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6341.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6341.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6341.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6341.yaml
5
reference_url https://lists.debian.org/debian-lts-announce/2019/04/msg00003.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/04/msg00003.html
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
22
reference_url https://www.drupal.org/sa-core-2019-004
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-004
23
reference_url https://www.drupal.org/SA-CORE-2019-004
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2019-004
24
reference_url https://www.synology.com/security/advisory/Synology_SA_19_13
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_13
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6341
reference_id CVE-2019-6341
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6341
30
reference_url https://github.com/advisories/GHSA-cmmh-8mwp-gq5p
reference_id GHSA-cmmh-8mwp-gq5p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cmmh-8mwp-gq5p
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.14
purl pkg:composer/drupal/drupal@8.5.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-636u-5bdw-puh4
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-pk74-yy1n-8qck
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-ty3y-k9t2-qyba
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-vevm-4sfk-f7gq
18
vulnerability VCID-w3q4-838v-97ck
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.14
1
url pkg:composer/drupal/drupal@8.6.13
purl pkg:composer/drupal/drupal@8.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-636u-5bdw-puh4
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-pk74-yy1n-8qck
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-ty3y-k9t2-qyba
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-vevm-4sfk-f7gq
18
vulnerability VCID-w3q4-838v-97ck
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.13
aliases CVE-2019-6341, GHSA-cmmh-8mwp-gq5p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djgn-ezxp-37eu
25
url VCID-en3b-g3f3-a3e3
vulnerability_id VCID-en3b-g3f3-a3e3
summary 
Brute force amplification attacks via XML-RPC
The XML-RPC system in Drupal might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3163
reference_id
reference_type
scores
0
value 0.00855
scoring_system epss
scoring_elements 0.74918
published_at 2026-04-02T12:55:00Z
1
value 0.00855
scoring_system epss
scoring_elements 0.74957
published_at 2026-04-13T12:55:00Z
2
value 0.00855
scoring_system epss
scoring_elements 0.74967
published_at 2026-04-12T12:55:00Z
3
value 0.00855
scoring_system epss
scoring_elements 0.74988
published_at 2026-04-11T12:55:00Z
4
value 0.00855
scoring_system epss
scoring_elements 0.74965
published_at 2026-04-09T12:55:00Z
5
value 0.00855
scoring_system epss
scoring_elements 0.74953
published_at 2026-04-08T12:55:00Z
6
value 0.00855
scoring_system epss
scoring_elements 0.7492
published_at 2026-04-07T12:55:00Z
7
value 0.00855
scoring_system epss
scoring_elements 0.74946
published_at 2026-04-04T12:55:00Z
8
value 0.00855
scoring_system epss
scoring_elements 0.74915
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3163
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3163.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3163.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3163.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3163.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3163
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3163
11
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
12
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
13
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
114
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
115
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
116
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
117
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
118
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
119
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
120
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
121
reference_url https://github.com/advisories/GHSA-h3r9-pjmr-f938
reference_id GHSA-h3r9-pjmr-f938
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h3r9-pjmr-f938
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3163, GHSA-h3r9-pjmr-f938
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-en3b-g3f3-a3e3
26
url VCID-fm5k-u7s6-wfhb
vulnerability_id VCID-fm5k-u7s6-wfhb
summary 
Entity Access Bypass
In versions of Drupal 8 core ; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entities that do not use or do not have UUIDs, and entities that have different access restrictions on different revisions of the same entity.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6925
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.69873
published_at 2026-04-02T12:55:00Z
1
value 0.00617
scoring_system epss
scoring_elements 0.69888
published_at 2026-04-04T12:55:00Z
2
value 0.00617
scoring_system epss
scoring_elements 0.69861
published_at 2026-04-01T12:55:00Z
3
value 0.00617
scoring_system epss
scoring_elements 0.69923
published_at 2026-04-13T12:55:00Z
4
value 0.00617
scoring_system epss
scoring_elements 0.69938
published_at 2026-04-12T12:55:00Z
5
value 0.00617
scoring_system epss
scoring_elements 0.69953
published_at 2026-04-11T12:55:00Z
6
value 0.00617
scoring_system epss
scoring_elements 0.69929
published_at 2026-04-09T12:55:00Z
7
value 0.00617
scoring_system epss
scoring_elements 0.69913
published_at 2026-04-08T12:55:00Z
8
value 0.00617
scoring_system epss
scoring_elements 0.69865
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6925
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6925.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6925.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6925.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6925.yaml
4
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
5
reference_url https://www.drupal.org/SA-CORE-2017-004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-004
6
reference_url http://www.securityfocus.com/bid/100368
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/100368
7
reference_url http://www.securitytracker.com/id/1039200
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1039200
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6925
reference_id CVE-2017-6925
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6925
10
reference_url https://github.com/advisories/GHSA-f4qx-jqfq-7785
reference_id GHSA-f4qx-jqfq-7785
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f4qx-jqfq-7785
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.0
purl pkg:composer/drupal/drupal@8.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5tqs-qmqn-gug5
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-8nda-kjr2-ufd4
11
vulnerability VCID-9f24-vqyt-r7dq
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-c9dm-17vt-4bbc
15
vulnerability VCID-cucx-jfqf-pkd1
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-g1rp-twzp-63e1
18
vulnerability VCID-ga35-289v-vqhr
19
vulnerability VCID-gzcu-sbks-wyfa
20
vulnerability VCID-hzr8-ttbu-ebhg
21
vulnerability VCID-jfq8-xxwa-mkd1
22
vulnerability VCID-jnu7-1j9c-dqck
23
vulnerability VCID-k1gx-nznx-7qd6
24
vulnerability VCID-kh51-g4cv-tqaw
25
vulnerability VCID-krhy-kg1b-rfbk
26
vulnerability VCID-mapb-hsvc-2khc
27
vulnerability VCID-n119-gta2-kfg1
28
vulnerability VCID-n7un-zgqv-jfef
29
vulnerability VCID-nc36-atc6-yua6
30
vulnerability VCID-nd8n-5dsu-2fbp
31
vulnerability VCID-pk74-yy1n-8qck
32
vulnerability VCID-r8pv-9upr-y7gd
33
vulnerability VCID-rhj7-dy7q-jkhw
34
vulnerability VCID-rr4q-f5cv-nkah
35
vulnerability VCID-s9kv-9qfu-gbdq
36
vulnerability VCID-t84c-8r34-57b9
37
vulnerability VCID-ty3y-k9t2-qyba
38
vulnerability VCID-u1xx-aazv-bkg5
39
vulnerability VCID-u4w3-usvb-jyf6
40
vulnerability VCID-uqcw-p8g2-cfd2
41
vulnerability VCID-utyg-huhu-2ucq
42
vulnerability VCID-vevm-4sfk-f7gq
43
vulnerability VCID-vq5y-hdw3-nucj
44
vulnerability VCID-w3q4-838v-97ck
45
vulnerability VCID-wbuz-qcp3-43aq
46
vulnerability VCID-wbvy-zrtk-audw
47
vulnerability VCID-ww44-hb2y-mfd5
48
vulnerability VCID-wwvq-399y-rfhc
49
vulnerability VCID-y74s-ghyc-2bhs
50
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.0
1
url pkg:composer/drupal/drupal@8.3.7
purl pkg:composer/drupal/drupal@8.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.7
aliases CVE-2017-6925, GHSA-f4qx-jqfq-7785
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fm5k-u7s6-wfhb
27
url VCID-g1rp-twzp-63e1
vulnerability_id VCID-g1rp-twzp-63e1
summary 
Cross-site Scripting
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6929
reference_id
reference_type
scores
0
value 0.00603
scoring_system epss
scoring_elements 0.69505
published_at 2026-04-02T12:55:00Z
1
value 0.00603
scoring_system epss
scoring_elements 0.69559
published_at 2026-04-13T12:55:00Z
2
value 0.00603
scoring_system epss
scoring_elements 0.69573
published_at 2026-04-12T12:55:00Z
3
value 0.00603
scoring_system epss
scoring_elements 0.69588
published_at 2026-04-11T12:55:00Z
4
value 0.00603
scoring_system epss
scoring_elements 0.69567
published_at 2026-04-09T12:55:00Z
5
value 0.00603
scoring_system epss
scoring_elements 0.6955
published_at 2026-04-08T12:55:00Z
6
value 0.00603
scoring_system epss
scoring_elements 0.695
published_at 2026-04-07T12:55:00Z
7
value 0.00603
scoring_system epss
scoring_elements 0.6952
published_at 2026-04-04T12:55:00Z
8
value 0.00603
scoring_system epss
scoring_elements 0.69494
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6929
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
5
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6929.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6929.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6929.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6929.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6929
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6929
10
reference_url https://www.debian.org/security/2018/dsa-4123
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4123
11
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
12
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
13
reference_url https://github.com/advisories/GHSA-5vpr-v24w-mmjj
reference_id GHSA-5vpr-v24w-mmjj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5vpr-v24w-mmjj
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.0
purl pkg:composer/drupal/drupal@8.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-cuk6-hskr-yyau
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-g1rp-twzp-63e1
18
vulnerability VCID-ga35-289v-vqhr
19
vulnerability VCID-gzcu-sbks-wyfa
20
vulnerability VCID-jfq8-xxwa-mkd1
21
vulnerability VCID-jnu7-1j9c-dqck
22
vulnerability VCID-k1gx-nznx-7qd6
23
vulnerability VCID-kh51-g4cv-tqaw
24
vulnerability VCID-mapb-hsvc-2khc
25
vulnerability VCID-n119-gta2-kfg1
26
vulnerability VCID-n7un-zgqv-jfef
27
vulnerability VCID-nc36-atc6-yua6
28
vulnerability VCID-nd8n-5dsu-2fbp
29
vulnerability VCID-pk74-yy1n-8qck
30
vulnerability VCID-r8pv-9upr-y7gd
31
vulnerability VCID-rhj7-dy7q-jkhw
32
vulnerability VCID-rr4q-f5cv-nkah
33
vulnerability VCID-s9kv-9qfu-gbdq
34
vulnerability VCID-t84c-8r34-57b9
35
vulnerability VCID-ty3y-k9t2-qyba
36
vulnerability VCID-u1xx-aazv-bkg5
37
vulnerability VCID-u4w3-usvb-jyf6
38
vulnerability VCID-uqcw-p8g2-cfd2
39
vulnerability VCID-utyg-huhu-2ucq
40
vulnerability VCID-vevm-4sfk-f7gq
41
vulnerability VCID-vq5y-hdw3-nucj
42
vulnerability VCID-w3q4-838v-97ck
43
vulnerability VCID-wbuz-qcp3-43aq
44
vulnerability VCID-wbvy-zrtk-audw
45
vulnerability VCID-ww44-hb2y-mfd5
46
vulnerability VCID-wwvq-399y-rfhc
47
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.0
1
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6929, GHSA-5vpr-v24w-mmjj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g1rp-twzp-63e1
28
url VCID-ga35-289v-vqhr
vulnerability_id VCID-ga35-289v-vqhr
summary 
Drupal Core Remote Code Execution Vulnerability
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7600
reference_id
reference_type
scores
0
value 0.94489
scoring_system epss
scoring_elements 1.0
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7600
1
reference_url https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600
2
reference_url https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7600
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7600
4
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
5
reference_url https://greysec.net/showthread.php?tid=2912&pid=10561
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://greysec.net/showthread.php?tid=2912&pid=10561
6
reference_url https://groups.drupal.org/security/faq-2018-002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://groups.drupal.org/security/faq-2018-002
7
reference_url https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html
8
reference_url https://research.checkpoint.com/uncovering-drupalgeddon-2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://research.checkpoint.com/uncovering-drupalgeddon-2
9
reference_url https://twitter.com/arancaytar/status/979090719003627521
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://twitter.com/arancaytar/status/979090719003627521
10
reference_url https://twitter.com/RicterZ/status/979567469726613504
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://twitter.com/RicterZ/status/979567469726613504
11
reference_url https://twitter.com/RicterZ/status/984495201354854401
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://twitter.com/RicterZ/status/984495201354854401
12
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7600
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7600
13
reference_url https://www.debian.org/security/2018/dsa-4156
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.debian.org/security/2018/dsa-4156
14
reference_url https://www.drupal.org/sa-core-2018-002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.drupal.org/sa-core-2018-002
15
reference_url https://www.exploit-db.com/exploits/44448
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44448
16
reference_url https://www.exploit-db.com/exploits/44449
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44449
17
reference_url https://www.exploit-db.com/exploits/44482
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44482
18
reference_url https://www.synology.com/support/security/Synology_SA_18_17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.synology.com/support/security/Synology_SA_18_17
19
reference_url https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know
20
reference_url http://www.securityfocus.com/bid/103534
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url http://www.securityfocus.com/bid/103534
21
reference_url http://www.securitytracker.com/id/1040598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url http://www.securitytracker.com/id/1040598
22
reference_url https://www.exploit-db.com/exploits/44448/
reference_id 44448
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.exploit-db.com/exploits/44448/
23
reference_url https://www.exploit-db.com/exploits/44449/
reference_id 44449
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.exploit-db.com/exploits/44449/
24
reference_url https://www.exploit-db.com/exploits/44482/
reference_id 44482
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://www.exploit-db.com/exploits/44482/
25
reference_url https://security.archlinux.org/ASA-201804-1
reference_id ASA-201804-1
reference_type
scores
url https://security.archlinux.org/ASA-201804-1
26
reference_url https://security.archlinux.org/AVG-665
reference_id AVG-665
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-665
27
reference_url https://github.com/a2u/CVE-2018-7600
reference_id CVE-2018-7600
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://github.com/a2u/CVE-2018-7600
28
reference_url https://github.com/a2u/CVE-2018-7600/blob/2c623a6a9ea641119cf7ee75cd344fb32047169b/exploit.py
reference_id CVE-2018-7600
reference_type exploit
scores
url https://github.com/a2u/CVE-2018-7600/blob/2c623a6a9ea641119cf7ee75cd344fb32047169b/exploit.py
29
reference_url https://github.com/dreadlocked/Drupalgeddon2/blob/16cac1b2336d38642f75eb7b7e2c833b2c3f49b1/drupalgeddon2.rb
reference_id CVE-2018-7600
reference_type exploit
scores
url https://github.com/dreadlocked/Drupalgeddon2/blob/16cac1b2336d38642f75eb7b7e2c833b2c3f49b1/drupalgeddon2.rb
30
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/44482.rb
reference_id CVE-2018-7600
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/44482.rb
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44448.py
reference_id CVE-2018-7600
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44448.py
32
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44449.rb
reference_id CVE-2018-7600
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44449.rb
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7600
reference_id CVE-2018-7600
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7600
34
reference_url https://github.com/g0rx/CVE-2018-7600-Drupal-RCE
reference_id CVE-2018-7600-DRUPAL-RCE
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://github.com/g0rx/CVE-2018-7600-Drupal-RCE
35
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7600.yaml
reference_id CVE-2018-7600.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7600.yaml
36
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7600.yaml
reference_id CVE-2018-7600.YAML
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7600.yaml
37
reference_url https://github.com/advisories/GHSA-7fh9-933g-885p
reference_id GHSA-7fh9-933g-885p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7fh9-933g-885p
38
reference_url https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/
reference_id over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/
39
reference_url https://research.checkpoint.com/uncovering-drupalgeddon-2/
reference_id uncovering-drupalgeddon-2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:40:15Z/
url https://research.checkpoint.com/uncovering-drupalgeddon-2/
40
reference_url https://usn.ubuntu.com/USN-4773-1/
reference_id USN-USN-4773-1
reference_type
scores
url https://usn.ubuntu.com/USN-4773-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.9
purl pkg:composer/drupal/drupal@8.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-gzcu-sbks-wyfa
15
vulnerability VCID-jfq8-xxwa-mkd1
16
vulnerability VCID-k1gx-nznx-7qd6
17
vulnerability VCID-kh51-g4cv-tqaw
18
vulnerability VCID-mapb-hsvc-2khc
19
vulnerability VCID-n119-gta2-kfg1
20
vulnerability VCID-n7un-zgqv-jfef
21
vulnerability VCID-nd8n-5dsu-2fbp
22
vulnerability VCID-pk74-yy1n-8qck
23
vulnerability VCID-r8pv-9upr-y7gd
24
vulnerability VCID-rhj7-dy7q-jkhw
25
vulnerability VCID-rr4q-f5cv-nkah
26
vulnerability VCID-t84c-8r34-57b9
27
vulnerability VCID-ty3y-k9t2-qyba
28
vulnerability VCID-u1xx-aazv-bkg5
29
vulnerability VCID-u4w3-usvb-jyf6
30
vulnerability VCID-uqcw-p8g2-cfd2
31
vulnerability VCID-utyg-huhu-2ucq
32
vulnerability VCID-vevm-4sfk-f7gq
33
vulnerability VCID-vq5y-hdw3-nucj
34
vulnerability VCID-w3q4-838v-97ck
35
vulnerability VCID-wbuz-qcp3-43aq
36
vulnerability VCID-wbvy-zrtk-audw
37
vulnerability VCID-ww44-hb2y-mfd5
38
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.9
1
url pkg:composer/drupal/drupal@8.4.6
purl pkg:composer/drupal/drupal@8.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-gzcu-sbks-wyfa
15
vulnerability VCID-jfq8-xxwa-mkd1
16
vulnerability VCID-k1gx-nznx-7qd6
17
vulnerability VCID-kh51-g4cv-tqaw
18
vulnerability VCID-mapb-hsvc-2khc
19
vulnerability VCID-n119-gta2-kfg1
20
vulnerability VCID-n7un-zgqv-jfef
21
vulnerability VCID-nd8n-5dsu-2fbp
22
vulnerability VCID-pk74-yy1n-8qck
23
vulnerability VCID-r8pv-9upr-y7gd
24
vulnerability VCID-rhj7-dy7q-jkhw
25
vulnerability VCID-rr4q-f5cv-nkah
26
vulnerability VCID-t84c-8r34-57b9
27
vulnerability VCID-ty3y-k9t2-qyba
28
vulnerability VCID-u1xx-aazv-bkg5
29
vulnerability VCID-u4w3-usvb-jyf6
30
vulnerability VCID-uqcw-p8g2-cfd2
31
vulnerability VCID-utyg-huhu-2ucq
32
vulnerability VCID-vevm-4sfk-f7gq
33
vulnerability VCID-vq5y-hdw3-nucj
34
vulnerability VCID-w3q4-838v-97ck
35
vulnerability VCID-wbuz-qcp3-43aq
36
vulnerability VCID-wbvy-zrtk-audw
37
vulnerability VCID-ww44-hb2y-mfd5
38
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.6
2
url pkg:composer/drupal/drupal@8.5.1
purl pkg:composer/drupal/drupal@8.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-djgn-ezxp-37eu
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nd8n-5dsu-2fbp
23
vulnerability VCID-pk74-yy1n-8qck
24
vulnerability VCID-r8pv-9upr-y7gd
25
vulnerability VCID-rhj7-dy7q-jkhw
26
vulnerability VCID-rr4q-f5cv-nkah
27
vulnerability VCID-t84c-8r34-57b9
28
vulnerability VCID-ty3y-k9t2-qyba
29
vulnerability VCID-u1xx-aazv-bkg5
30
vulnerability VCID-u4w3-usvb-jyf6
31
vulnerability VCID-uqcw-p8g2-cfd2
32
vulnerability VCID-utyg-huhu-2ucq
33
vulnerability VCID-vevm-4sfk-f7gq
34
vulnerability VCID-vq5y-hdw3-nucj
35
vulnerability VCID-w3q4-838v-97ck
36
vulnerability VCID-wbuz-qcp3-43aq
37
vulnerability VCID-wbvy-zrtk-audw
38
vulnerability VCID-ww44-hb2y-mfd5
39
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.1
aliases CVE-2018-7600, GHSA-7fh9-933g-885p
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ga35-289v-vqhr
29
url VCID-gzcu-sbks-wyfa
vulnerability_id VCID-gzcu-sbks-wyfa
summary 
URL Redirection to Untrusted Site ('Open Redirect')
External URL injection through URL aliases in drupal.
references
0
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-006
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases 2018-10-17-2
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzcu-sbks-wyfa
30
url VCID-h6yp-zj5e-zkbm
vulnerability_id VCID-h6yp-zj5e-zkbm
summary 
HTTP header injection using line breaks
CRLF injection vulnerability in the `drupal_set_header` function in Drupal allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3166
reference_id
reference_type
scores
0
value 0.00497
scoring_system epss
scoring_elements 0.65822
published_at 2026-04-02T12:55:00Z
1
value 0.00497
scoring_system epss
scoring_elements 0.65858
published_at 2026-04-13T12:55:00Z
2
value 0.00497
scoring_system epss
scoring_elements 0.65888
published_at 2026-04-12T12:55:00Z
3
value 0.00497
scoring_system epss
scoring_elements 0.65901
published_at 2026-04-11T12:55:00Z
4
value 0.00497
scoring_system epss
scoring_elements 0.65882
published_at 2026-04-09T12:55:00Z
5
value 0.00497
scoring_system epss
scoring_elements 0.6587
published_at 2026-04-08T12:55:00Z
6
value 0.00497
scoring_system epss
scoring_elements 0.65818
published_at 2026-04-07T12:55:00Z
7
value 0.00497
scoring_system epss
scoring_elements 0.65852
published_at 2026-04-04T12:55:00Z
8
value 0.00497
scoring_system epss
scoring_elements 0.65772
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3166
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3166.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3166.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3166.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3166.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3166
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3166
5
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
6
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
7
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
8
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
58
reference_url https://github.com/advisories/GHSA-fg5q-r2q5-qmh3
reference_id GHSA-fg5q-r2q5-qmh3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fg5q-r2q5-qmh3
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3166, GHSA-fg5q-r2q5-qmh3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6yp-zj5e-zkbm
31
url VCID-hzr8-ttbu-ebhg
vulnerability_id VCID-hzr8-ttbu-ebhg
summary 
PECL YAML parser unsafe object handling
PECL YAML parser does not handle PHP objects safely during certain operations within Drupal core. This can lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6920
reference_id
reference_type
scores
0
value 0.66148
scoring_system epss
scoring_elements 0.98509
published_at 2026-04-02T12:55:00Z
1
value 0.66148
scoring_system epss
scoring_elements 0.98518
published_at 2026-04-13T12:55:00Z
2
value 0.66148
scoring_system epss
scoring_elements 0.98516
published_at 2026-04-09T12:55:00Z
3
value 0.66148
scoring_system epss
scoring_elements 0.98515
published_at 2026-04-08T12:55:00Z
4
value 0.66148
scoring_system epss
scoring_elements 0.98512
published_at 2026-04-07T12:55:00Z
5
value 0.66148
scoring_system epss
scoring_elements 0.98511
published_at 2026-04-04T12:55:00Z
6
value 0.66148
scoring_system epss
scoring_elements 0.98507
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6920
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6920.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6920.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6920.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6920.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6920
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6920
5
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
6
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
7
reference_url http://www.securityfocus.com/bid/99211
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99211
8
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
9
reference_url https://github.com/advisories/GHSA-9c24-g32g-35rj
reference_id GHSA-9c24-g32g-35rj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9c24-g32g-35rj
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.4
purl pkg:composer/drupal/drupal@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.4
aliases CVE-2017-6920, GHSA-9c24-g32g-35rj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzr8-ttbu-ebhg
32
url VCID-jfq8-xxwa-mkd1
vulnerability_id VCID-jfq8-xxwa-mkd1
summary 
Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar
The Drupal project uses the third-party library [Archive_Tar](https://pear.php.net/package/Archive_Tar/), which has released a security improvement that is needed to protect some Drupal configurations.

Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2 or .tlz file uploads and processes them.

The latest versions of Drupal update Archive_Tar to 1.4.9 to mitigate the file processing vulnerabilities.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-4.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-4.yaml
2
reference_url https://www.drupal.org/sa-core-2019-012
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-012
3
reference_url https://github.com/advisories/GHSA-m9fv-whq2-6wmc
reference_id GHSA-m9fv-whq2-6wmc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9fv-whq2-6wmc
fixed_packages
0
url pkg:composer/drupal/drupal@8.7.11
purl pkg:composer/drupal/drupal@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-nj3a-eb59-jygs
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-uqcw-p8g2-cfd2
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
18
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.11
1
url pkg:composer/drupal/drupal@8.8.1
purl pkg:composer/drupal/drupal@8.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-5618-53yg-8qh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-cvxp-ctj9-guej
7
vulnerability VCID-dgjq-y5zj-cud1
8
vulnerability VCID-gbz5-5frj-hber
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-mhk6-9qdy-83f3
13
vulnerability VCID-n119-gta2-kfg1
14
vulnerability VCID-n7un-zgqv-jfef
15
vulnerability VCID-nj3a-eb59-jygs
16
vulnerability VCID-q4qx-7s1y-q3hc
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rdgr-yuu7-xkey
19
vulnerability VCID-u4w3-usvb-jyf6
20
vulnerability VCID-uqcw-p8g2-cfd2
21
vulnerability VCID-v9v6-ae3e-g3hk
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-wbuz-qcp3-43aq
24
vulnerability VCID-wbvy-zrtk-audw
25
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.1
aliases GHSA-m9fv-whq2-6wmc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfq8-xxwa-mkd1
33
url VCID-jnu7-1j9c-dqck
vulnerability_id VCID-jnu7-1j9c-dqck
summary 
JavaScript cross-site scripting prevention is incomplete
Drupal has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output is not auto-escaped by either Drupal 7 or Drupal 8). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6927
reference_id
reference_type
scores
0
value 0.0139
scoring_system epss
scoring_elements 0.80305
published_at 2026-04-02T12:55:00Z
1
value 0.0139
scoring_system epss
scoring_elements 0.80325
published_at 2026-04-04T12:55:00Z
2
value 0.0139
scoring_system epss
scoring_elements 0.80297
published_at 2026-04-01T12:55:00Z
3
value 0.0139
scoring_system epss
scoring_elements 0.8035
published_at 2026-04-13T12:55:00Z
4
value 0.0139
scoring_system epss
scoring_elements 0.80356
published_at 2026-04-12T12:55:00Z
5
value 0.0139
scoring_system epss
scoring_elements 0.80371
published_at 2026-04-11T12:55:00Z
6
value 0.0139
scoring_system epss
scoring_elements 0.80352
published_at 2026-04-09T12:55:00Z
7
value 0.0139
scoring_system epss
scoring_elements 0.80341
published_at 2026-04-08T12:55:00Z
8
value 0.0139
scoring_system epss
scoring_elements 0.80313
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6927
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
5
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6927.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6927.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6927.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6927.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6927
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6927
10
reference_url https://www.debian.org/security/2018/dsa-4123
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4123
11
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
12
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
13
reference_url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6927
reference_id
reference_type
scores
url http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6927
14
reference_url http://www.securityfocus.com/bid/103138
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103138
15
reference_url https://github.com/advisories/GHSA-585j-5449-mf5m
reference_id GHSA-585j-5449-mf5m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-585j-5449-mf5m
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6927, GHSA-585j-5449-mf5m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnu7-1j9c-dqck
34
url VCID-k1gx-nznx-7qd6
vulnerability_id VCID-k1gx-nznx-7qd6
summary 
Drupal core Cross-site Scripting (XSS) vulnerability
Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions prior to 9.1.7; 9.0.x versions prior to 9.0.12; 8.9.x versions prior to 8.9.14; 7.x versions prior to 7.80.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13672
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.68347
published_at 2026-04-01T12:55:00Z
1
value 0.00564
scoring_system epss
scoring_elements 0.68413
published_at 2026-04-13T12:55:00Z
2
value 0.00564
scoring_system epss
scoring_elements 0.68446
published_at 2026-04-12T12:55:00Z
3
value 0.00564
scoring_system epss
scoring_elements 0.68458
published_at 2026-04-11T12:55:00Z
4
value 0.00564
scoring_system epss
scoring_elements 0.68431
published_at 2026-04-09T12:55:00Z
5
value 0.00564
scoring_system epss
scoring_elements 0.68414
published_at 2026-04-08T12:55:00Z
6
value 0.00564
scoring_system epss
scoring_elements 0.68363
published_at 2026-04-07T12:55:00Z
7
value 0.00564
scoring_system epss
scoring_elements 0.68387
published_at 2026-04-04T12:55:00Z
8
value 0.00564
scoring_system epss
scoring_elements 0.68367
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13672
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2021-002
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-002
3
reference_url https://security.archlinux.org/AVG-1463
reference_id AVG-1463
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1463
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13672
reference_id CVE-2020-13672
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13672
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13672.yaml
reference_id CVE-2020-13672.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13672.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13672.yaml
reference_id CVE-2020-13672.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13672.yaml
7
reference_url https://github.com/advisories/GHSA-3m36-mjwj-352c
reference_id GHSA-3m36-mjwj-352c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3m36-mjwj-352c
fixed_packages
0
url pkg:composer/drupal/drupal@8.9.14
purl pkg:composer/drupal/drupal@8.9.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.14
1
url pkg:composer/drupal/drupal@9.0.12
purl pkg:composer/drupal/drupal@9.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.12
2
url pkg:composer/drupal/drupal@9.1.7
purl pkg:composer/drupal/drupal@9.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.1.7
aliases CVE-2020-13672, GHSA-3m36-mjwj-352c
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1gx-nznx-7qd6
35
url VCID-kh51-g4cv-tqaw
vulnerability_id VCID-kh51-g4cv-tqaw
summary 
Drupal core uses a vulnerable Third-party library CKEditor
The Drupal project uses the third-party library [CKEditor](https://github.com/ckeditor/ckeditor4), which has released a [security improvement](https://ckeditor.com/blog/CKEditor-4.14-with-Paste-from-LibreOffice-released/#security-issues-fixed) that is needed to protect some Drupal configurations.

Vulnerabilities are possible if Drupal is configured to use the WYSIWYG CKEditor for your site's users. An attacker that can create or edit content may be able to exploit this Cross Site Scripting (XSS) vulnerability to target users with access to the WYSIWYG CKEditor, and this may include site admins with privileged access.

The latest versions of Drupal update CKEditor to 4.14 to mitigate the vulnerabilities.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-03-18.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-03-18.yaml
2
reference_url https://www.drupal.org/sa-core-2020-001
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-001
3
reference_url https://github.com/advisories/GHSA-337w-fxpq-5m34
reference_id GHSA-337w-fxpq-5m34
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-337w-fxpq-5m34
fixed_packages
0
url pkg:composer/drupal/drupal@8.7.12
purl pkg:composer/drupal/drupal@8.7.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n119-gta2-kfg1
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-r8pv-9upr-y7gd
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-uqcw-p8g2-cfd2
13
vulnerability VCID-vevm-4sfk-f7gq
14
vulnerability VCID-wbuz-qcp3-43aq
15
vulnerability VCID-wbvy-zrtk-audw
16
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.12
1
url pkg:composer/drupal/drupal@8.8.4
purl pkg:composer/drupal/drupal@8.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-5618-53yg-8qh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-cvxp-ctj9-guej
7
vulnerability VCID-dgjq-y5zj-cud1
8
vulnerability VCID-gbz5-5frj-hber
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-mapb-hsvc-2khc
11
vulnerability VCID-mhk6-9qdy-83f3
12
vulnerability VCID-n119-gta2-kfg1
13
vulnerability VCID-n7un-zgqv-jfef
14
vulnerability VCID-q4qx-7s1y-q3hc
15
vulnerability VCID-r8pv-9upr-y7gd
16
vulnerability VCID-rdgr-yuu7-xkey
17
vulnerability VCID-u4w3-usvb-jyf6
18
vulnerability VCID-uqcw-p8g2-cfd2
19
vulnerability VCID-v9v6-ae3e-g3hk
20
vulnerability VCID-vevm-4sfk-f7gq
21
vulnerability VCID-wbuz-qcp3-43aq
22
vulnerability VCID-wbvy-zrtk-audw
23
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.4
aliases GHSA-337w-fxpq-5m34
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kh51-g4cv-tqaw
36
url VCID-krhy-kg1b-rfbk
vulnerability_id VCID-krhy-kg1b-rfbk
summary 
File REST resource does not properly validate
The file REST resource does not properly validate some fields when manipulating files. the file REST resource is enabled and allows PATCH requests, and an attacker can get or register a user account on the site with permissions to upload files and to modify the file resource.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6921
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64204
published_at 2026-04-01T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.64289
published_at 2026-04-04T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64262
published_at 2026-04-02T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.6429
published_at 2026-04-13T12:55:00Z
4
value 0.00463
scoring_system epss
scoring_elements 0.64316
published_at 2026-04-12T12:55:00Z
5
value 0.00463
scoring_system epss
scoring_elements 0.64327
published_at 2026-04-11T12:55:00Z
6
value 0.00463
scoring_system epss
scoring_elements 0.64314
published_at 2026-04-09T12:55:00Z
7
value 0.00463
scoring_system epss
scoring_elements 0.64299
published_at 2026-04-08T12:55:00Z
8
value 0.00463
scoring_system epss
scoring_elements 0.64249
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6921
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6921.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6921.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6921.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6921.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6921
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6921
5
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple
6
reference_url https://www.drupal.org/SA-CORE-2017-003
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-003
7
reference_url http://www.securityfocus.com/bid/99222
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/99222
8
reference_url http://www.securitytracker.com/id/1038781
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038781
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
10
reference_url https://github.com/advisories/GHSA-h377-287m-w2r9
reference_id GHSA-h377-287m-w2r9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h377-287m-w2r9
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.4
purl pkg:composer/drupal/drupal@8.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.4
aliases CVE-2017-6921, GHSA-h377-287m-w2r9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krhy-kg1b-rfbk
37
url VCID-mapb-hsvc-2khc
vulnerability_id VCID-mapb-hsvc-2khc
summary 
Unrestricted Upload of File with Dangerous Type
Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010). However, the protections for these two vulnerabilities previously does not work correctly together. As a result, if the site were configured to allow the upload of files with an htaccess extension, these files' filenames would not be properly sanitized. This could allow bypassing the protections provided by Drupal core's default .htaccess files and possible remote code execution on Apache web servers. This issue is mitigated by the fact that it requires a field administrator to explicitly configure a file field to allow htaccess as an extension (a restricted permission), or a contributed module or custom code that overrides allowed file uploads.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25277
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.5268
published_at 2026-04-02T12:55:00Z
1
value 0.00294
scoring_system epss
scoring_elements 0.52734
published_at 2026-04-13T12:55:00Z
2
value 0.00294
scoring_system epss
scoring_elements 0.5275
published_at 2026-04-12T12:55:00Z
3
value 0.00294
scoring_system epss
scoring_elements 0.52766
published_at 2026-04-11T12:55:00Z
4
value 0.00294
scoring_system epss
scoring_elements 0.52716
published_at 2026-04-09T12:55:00Z
5
value 0.00294
scoring_system epss
scoring_elements 0.52722
published_at 2026-04-08T12:55:00Z
6
value 0.00294
scoring_system epss
scoring_elements 0.52671
published_at 2026-04-07T12:55:00Z
7
value 0.00294
scoring_system epss
scoring_elements 0.52706
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25277
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/1cd1830d79f221cc8490f53c2bb487dd07094f17
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/1cd1830d79f221cc8490f53c2bb487dd07094f17
3
reference_url https://github.com/drupal/core/commit/5d464ea4407c50e40dcf6cb5ee376e7b8dd36f3a
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/5d464ea4407c50e40dcf6cb5ee376e7b8dd36f3a
4
reference_url https://www.drupal.org/sa-core-2022-014
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-03T18:41:13Z/
url https://www.drupal.org/sa-core-2022-014
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25277
reference_id CVE-2022-25277
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25277
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25277.yaml
reference_id CVE-2022-25277.YAML
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2022-25277.yaml
7
reference_url https://github.com/advisories/GHSA-6955-67hm-vjjq
reference_id GHSA-6955-67hm-vjjq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6955-67hm-vjjq
fixed_packages
0
url pkg:composer/drupal/drupal@9.3.19
purl pkg:composer/drupal/drupal@9.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-u4w3-usvb-jyf6
5
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.19
1
url pkg:composer/drupal/drupal@9.4.3
purl pkg:composer/drupal/drupal@9.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-bk92-66re-dkc5
3
vulnerability VCID-q4qx-7s1y-q3hc
4
vulnerability VCID-rdgr-yuu7-xkey
5
vulnerability VCID-u4w3-usvb-jyf6
6
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.4.3
aliases CVE-2022-25277, GHSA-6955-67hm-vjjq, GMS-2022-3361
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mapb-hsvc-2khc
38
url VCID-mt37-qzh7-gyfv
vulnerability_id VCID-mt37-qzh7-gyfv
summary 
Reflected file download vulnerability
The System module in Drupal might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3168
reference_id
reference_type
scores
0
value 0.00535
scoring_system epss
scoring_elements 0.67369
published_at 2026-04-01T12:55:00Z
1
value 0.00535
scoring_system epss
scoring_elements 0.67446
published_at 2026-04-13T12:55:00Z
2
value 0.00535
scoring_system epss
scoring_elements 0.6748
published_at 2026-04-12T12:55:00Z
3
value 0.00535
scoring_system epss
scoring_elements 0.67493
published_at 2026-04-11T12:55:00Z
4
value 0.00535
scoring_system epss
scoring_elements 0.67471
published_at 2026-04-09T12:55:00Z
5
value 0.00535
scoring_system epss
scoring_elements 0.67457
published_at 2026-04-08T12:55:00Z
6
value 0.00535
scoring_system epss
scoring_elements 0.67405
published_at 2026-04-07T12:55:00Z
7
value 0.00535
scoring_system epss
scoring_elements 0.67426
published_at 2026-04-04T12:55:00Z
8
value 0.00535
scoring_system epss
scoring_elements 0.67404
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3168
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3168.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3168.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3168.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3168.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3168
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:C/I:C/A:C
1
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
2
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3168
11
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
12
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
13
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
114
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
115
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
116
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
117
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
118
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
119
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
120
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
121
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
122
reference_url https://github.com/advisories/GHSA-qqxc-cppg-4xp8
reference_id GHSA-qqxc-cppg-4xp8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qqxc-cppg-4xp8
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3168, GHSA-qqxc-cppg-4xp8
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mt37-qzh7-gyfv
39
url VCID-n119-gta2-kfg1
vulnerability_id VCID-n119-gta2-kfg1
summary 
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13669
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.42418
published_at 2026-04-01T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.42471
published_at 2026-04-13T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.42501
published_at 2026-04-12T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42538
published_at 2026-04-11T12:55:00Z
4
value 0.00204
scoring_system epss
scoring_elements 0.42516
published_at 2026-04-09T12:55:00Z
5
value 0.00204
scoring_system epss
scoring_elements 0.42506
published_at 2026-04-08T12:55:00Z
6
value 0.00204
scoring_system epss
scoring_elements 0.42455
published_at 2026-04-07T12:55:00Z
7
value 0.00204
scoring_system epss
scoring_elements 0.42518
published_at 2026-04-04T12:55:00Z
8
value 0.00204
scoring_system epss
scoring_elements 0.42489
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13669
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2020-010
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-010
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13669
reference_id CVE-2020-13669
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13669
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13669.yaml
reference_id CVE-2020-13669.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13669.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13669.yaml
reference_id CVE-2020-13669.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13669.yaml
6
reference_url https://github.com/advisories/GHSA-c533-c843-67h8
reference_id GHSA-c533-c843-67h8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c533-c843-67h8
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.10
purl pkg:composer/drupal/drupal@8.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-rdgr-yuu7-xkey
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-v9v6-ae3e-g3hk
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.10
1
url pkg:composer/drupal/drupal@8.9.6
purl pkg:composer/drupal/drupal@8.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.6
2
url pkg:composer/drupal/drupal@9.0.6
purl pkg:composer/drupal/drupal@9.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.6
aliases CVE-2020-13669, GHSA-c533-c843-67h8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n119-gta2-kfg1
40
url VCID-n7un-zgqv-jfef
vulnerability_id VCID-n7un-zgqv-jfef
summary 
Lack of domain validation in Druple core
The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. Under certain circumstances, this could lead to cross-site scripting, leaked cookies, or other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25276
reference_id
reference_type
scores
0
value 0.01256
scoring_system epss
scoring_elements 0.79371
published_at 2026-04-13T12:55:00Z
1
value 0.01256
scoring_system epss
scoring_elements 0.7933
published_at 2026-04-02T12:55:00Z
2
value 0.01256
scoring_system epss
scoring_elements 0.79353
published_at 2026-04-04T12:55:00Z
3
value 0.01256
scoring_system epss
scoring_elements 0.79339
published_at 2026-04-07T12:55:00Z
4
value 0.01256
scoring_system epss
scoring_elements 0.79365
published_at 2026-04-08T12:55:00Z
5
value 0.01256
scoring_system epss
scoring_elements 0.79374
published_at 2026-04-09T12:55:00Z
6
value 0.01256
scoring_system epss
scoring_elements 0.79397
published_at 2026-04-11T12:55:00Z
7
value 0.01256
scoring_system epss
scoring_elements 0.79382
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25276
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://www.drupal.org/sa-core-2022-015
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-015
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25276
reference_id CVE-2022-25276
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25276
4
reference_url https://github.com/advisories/GHSA-4wfq-jc9h-vpcx
reference_id GHSA-4wfq-jc9h-vpcx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4wfq-jc9h-vpcx
fixed_packages
0
url pkg:composer/drupal/drupal@9.3.19
purl pkg:composer/drupal/drupal@9.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-u4w3-usvb-jyf6
5
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.19
1
url pkg:composer/drupal/drupal@9.4.3
purl pkg:composer/drupal/drupal@9.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-bk92-66re-dkc5
3
vulnerability VCID-q4qx-7s1y-q3hc
4
vulnerability VCID-rdgr-yuu7-xkey
5
vulnerability VCID-u4w3-usvb-jyf6
6
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.4.3
aliases CVE-2022-25276, GHSA-4wfq-jc9h-vpcx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7un-zgqv-jfef
41
url VCID-nc36-atc6-yua6
vulnerability_id VCID-nc36-atc6-yua6
summary 
XSS Vulnerability
CKEditor, a third-party JavaScript library included in Drupal core, is affected by a cross-site scripting (XSS) vulnerability. It's possible to execute XSS inside CKEditor when using the `image2` plugin.
references
0
reference_url https://www.drupal.org/sa-core-2018-003
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-003
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.7
purl pkg:composer/drupal/drupal@8.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-gzcu-sbks-wyfa
13
vulnerability VCID-jfq8-xxwa-mkd1
14
vulnerability VCID-k1gx-nznx-7qd6
15
vulnerability VCID-kh51-g4cv-tqaw
16
vulnerability VCID-mapb-hsvc-2khc
17
vulnerability VCID-n119-gta2-kfg1
18
vulnerability VCID-n7un-zgqv-jfef
19
vulnerability VCID-nd8n-5dsu-2fbp
20
vulnerability VCID-pk74-yy1n-8qck
21
vulnerability VCID-r8pv-9upr-y7gd
22
vulnerability VCID-rhj7-dy7q-jkhw
23
vulnerability VCID-rr4q-f5cv-nkah
24
vulnerability VCID-t84c-8r34-57b9
25
vulnerability VCID-ty3y-k9t2-qyba
26
vulnerability VCID-u1xx-aazv-bkg5
27
vulnerability VCID-u4w3-usvb-jyf6
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-utyg-huhu-2ucq
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vq5y-hdw3-nucj
32
vulnerability VCID-w3q4-838v-97ck
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-wbvy-zrtk-audw
35
vulnerability VCID-ww44-hb2y-mfd5
36
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.7
1
url pkg:composer/drupal/drupal@8.5.2
purl pkg:composer/drupal/drupal@8.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-djgn-ezxp-37eu
13
vulnerability VCID-gzcu-sbks-wyfa
14
vulnerability VCID-jfq8-xxwa-mkd1
15
vulnerability VCID-k1gx-nznx-7qd6
16
vulnerability VCID-kh51-g4cv-tqaw
17
vulnerability VCID-mapb-hsvc-2khc
18
vulnerability VCID-n119-gta2-kfg1
19
vulnerability VCID-n7un-zgqv-jfef
20
vulnerability VCID-nd8n-5dsu-2fbp
21
vulnerability VCID-pk74-yy1n-8qck
22
vulnerability VCID-r8pv-9upr-y7gd
23
vulnerability VCID-rhj7-dy7q-jkhw
24
vulnerability VCID-rr4q-f5cv-nkah
25
vulnerability VCID-t84c-8r34-57b9
26
vulnerability VCID-ty3y-k9t2-qyba
27
vulnerability VCID-u1xx-aazv-bkg5
28
vulnerability VCID-u4w3-usvb-jyf6
29
vulnerability VCID-uqcw-p8g2-cfd2
30
vulnerability VCID-utyg-huhu-2ucq
31
vulnerability VCID-vevm-4sfk-f7gq
32
vulnerability VCID-vq5y-hdw3-nucj
33
vulnerability VCID-w3q4-838v-97ck
34
vulnerability VCID-wbuz-qcp3-43aq
35
vulnerability VCID-wbvy-zrtk-audw
36
vulnerability VCID-ww44-hb2y-mfd5
37
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.2
aliases SA-CORE-2018-003
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nc36-atc6-yua6
42
url VCID-nd8n-5dsu-2fbp
vulnerability_id VCID-nd8n-5dsu-2fbp
summary 
Code Injection
Injection in `DefaultMailSystem::mail()`.
references
0
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-006
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases 2018-10-17-4
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nd8n-5dsu-2fbp
43
url VCID-pk74-yy1n-8qck
vulnerability_id VCID-pk74-yy1n-8qck
summary 
Drupal core Access control bypass
The Media Library module has a security vulnerability whereby it doesn't sufficiently restrict access to media items in certain configurations.

### Solution: 
If you are using Drupal 8.7.x, you should upgrade to Drupal 8.7.11.
If you are using Drupal 8.8.x, you should upgrade to Drupal 8.8.1.
Versions of Drupal 8 prior to 8.7.x are end-of-life and do not receive security coverage.

Alternatively, you may mitigate this vulnerability by unchecking the "Enable advanced UI" checkbox on `/admin/config/media/media-library`. (This mitigation is not available in 8.7.x.)
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-3.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-3.yaml
2
reference_url https://www.drupal.org/sa-core-2019-011
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-011
3
reference_url https://github.com/advisories/GHSA-5x28-3f32-x523
reference_id GHSA-5x28-3f32-x523
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5x28-3f32-x523
fixed_packages
0
url pkg:composer/drupal/drupal@8.7.11
purl pkg:composer/drupal/drupal@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-nj3a-eb59-jygs
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-uqcw-p8g2-cfd2
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
18
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.11
1
url pkg:composer/drupal/drupal@8.8.1
purl pkg:composer/drupal/drupal@8.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-5618-53yg-8qh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-cvxp-ctj9-guej
7
vulnerability VCID-dgjq-y5zj-cud1
8
vulnerability VCID-gbz5-5frj-hber
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-mhk6-9qdy-83f3
13
vulnerability VCID-n119-gta2-kfg1
14
vulnerability VCID-n7un-zgqv-jfef
15
vulnerability VCID-nj3a-eb59-jygs
16
vulnerability VCID-q4qx-7s1y-q3hc
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rdgr-yuu7-xkey
19
vulnerability VCID-u4w3-usvb-jyf6
20
vulnerability VCID-uqcw-p8g2-cfd2
21
vulnerability VCID-v9v6-ae3e-g3hk
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-wbuz-qcp3-43aq
24
vulnerability VCID-wbvy-zrtk-audw
25
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.1
aliases GHSA-5x28-3f32-x523
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pk74-yy1n-8qck
44
url VCID-r8pv-9upr-y7gd
vulnerability_id VCID-r8pv-9upr-y7gd
summary 
Drupal Cross-Site Scripting (XSS) affecting CKEditor Third-party library
The Drupal project uses the CKEditor, library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal.

Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content (even without access to CKEditor themselves) may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to target users with access to the WYSIWYG CKEditor, including site admins with privileged access.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2021-05-26.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2021-05-26.yaml
2
reference_url https://www.drupal.org/sa-core-2021-005
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-005
3
reference_url https://github.com/advisories/GHSA-qf65-hph9-453r
reference_id GHSA-qf65-hph9-453r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qf65-hph9-453r
fixed_packages
0
url pkg:composer/drupal/drupal@8.9.16
purl pkg:composer/drupal/drupal@8.9.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-rdgr-yuu7-xkey
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-vevm-4sfk-f7gq
11
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.16
1
url pkg:composer/drupal/drupal@9.1.12
purl pkg:composer/drupal/drupal@9.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-rdgr-yuu7-xkey
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-vevm-4sfk-f7gq
11
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.1.12
2
url pkg:composer/drupal/drupal@9.2.4
purl pkg:composer/drupal/drupal@9.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-674z-nf4t-b7ez
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-b4yh-gyrx-3yhh
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-gypk-ukbc-7qe3
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-rdgr-yuu7-xkey
12
vulnerability VCID-sbmj-9trz-2ybf
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-vevm-4sfk-f7gq
15
vulnerability VCID-wbuz-qcp3-43aq
16
vulnerability VCID-zw3u-6ue7-efdf
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.2.4
aliases GHSA-qf65-hph9-453r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8pv-9upr-y7gd
45
url VCID-rhj7-dy7q-jkhw
vulnerability_id VCID-rhj7-dy7q-jkhw
summary 
Drupal Core Remote Code Execution Vulnerability
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6340
reference_id
reference_type
scores
0
value 0.94436
scoring_system epss
scoring_elements 0.99988
published_at 2026-04-04T12:55:00Z
1
value 0.94436
scoring_system epss
scoring_elements 0.99987
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6340
1
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
2
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6340
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6340
3
reference_url https://www.drupal.org/sa-core-2019-003
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url https://www.drupal.org/sa-core-2019-003
4
reference_url https://www.exploit-db.com/exploits/46452
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46452
5
reference_url https://www.exploit-db.com/exploits/46452/
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url https://www.exploit-db.com/exploits/46452/
6
reference_url https://www.exploit-db.com/exploits/46459
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46459
7
reference_url https://www.exploit-db.com/exploits/46459/
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url https://www.exploit-db.com/exploits/46459/
8
reference_url https://www.exploit-db.com/exploits/46510
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/46510
9
reference_url https://www.exploit-db.com/exploits/46510/
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url https://www.exploit-db.com/exploits/46510/
10
reference_url https://www.synology.com/security/advisory/Synology_SA_19_09
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url https://www.synology.com/security/advisory/Synology_SA_19_09
11
reference_url http://www.securityfocus.com/bid/107106
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:38:47Z/
url http://www.securityfocus.com/bid/107106
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46510.rb
reference_id CVE-2019-6340
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46510.rb
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46452.txt
reference_id CVE-2019-6340
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46452.txt
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46459.py
reference_id CVE-2019-6340
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/46459.py
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6340
reference_id CVE-2019-6340
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6340
17
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/6ff18828c0273b7170469939a49e4b063d561799/modules/exploits/unix/webapp/drupal_restws_unserialize.rb
reference_id CVE-2019-6340
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/6ff18828c0273b7170469939a49e4b063d561799/modules/exploits/unix/webapp/drupal_restws_unserialize.rb
18
reference_url https://www.ambionics.io/blog/drupal8-rce
reference_id CVE-2019-6340
reference_type exploit
scores
url https://www.ambionics.io/blog/drupal8-rce
19
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6340.yaml
reference_id CVE-2019-6340.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6340.yaml
20
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6340.yaml
reference_id CVE-2019-6340.YAML
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6340.yaml
21
reference_url https://github.com/advisories/GHSA-3gx6-h57h-rm27
reference_id GHSA-3gx6-h57h-rm27
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gx6-h57h-rm27
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.11
purl pkg:composer/drupal/drupal@8.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-565p-mgqe-gkfc
2
vulnerability VCID-636u-5bdw-puh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-djgn-ezxp-37eu
8
vulnerability VCID-jfq8-xxwa-mkd1
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-n119-gta2-kfg1
13
vulnerability VCID-n7un-zgqv-jfef
14
vulnerability VCID-pk74-yy1n-8qck
15
vulnerability VCID-r8pv-9upr-y7gd
16
vulnerability VCID-ty3y-k9t2-qyba
17
vulnerability VCID-u4w3-usvb-jyf6
18
vulnerability VCID-uqcw-p8g2-cfd2
19
vulnerability VCID-vevm-4sfk-f7gq
20
vulnerability VCID-w3q4-838v-97ck
21
vulnerability VCID-wbuz-qcp3-43aq
22
vulnerability VCID-wbvy-zrtk-audw
23
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.11
1
url pkg:composer/drupal/drupal@8.6.10
purl pkg:composer/drupal/drupal@8.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-565p-mgqe-gkfc
2
vulnerability VCID-636u-5bdw-puh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-djgn-ezxp-37eu
8
vulnerability VCID-jfq8-xxwa-mkd1
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-n119-gta2-kfg1
13
vulnerability VCID-n7un-zgqv-jfef
14
vulnerability VCID-pk74-yy1n-8qck
15
vulnerability VCID-r8pv-9upr-y7gd
16
vulnerability VCID-ty3y-k9t2-qyba
17
vulnerability VCID-u4w3-usvb-jyf6
18
vulnerability VCID-uqcw-p8g2-cfd2
19
vulnerability VCID-vevm-4sfk-f7gq
20
vulnerability VCID-w3q4-838v-97ck
21
vulnerability VCID-wbuz-qcp3-43aq
22
vulnerability VCID-wbvy-zrtk-audw
23
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.10
aliases CVE-2019-6340, GHSA-3gx6-h57h-rm27
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhj7-dy7q-jkhw
46
url VCID-rr4q-f5cv-nkah
vulnerability_id VCID-rr4q-f5cv-nkah
summary 
URL Redirection to Untrusted Site ('Open Redirect')
Anonymous Open Redirect in drupal.
references
0
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-006
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases 2018-10-17-3
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rr4q-f5cv-nkah
47
url VCID-s8u8-xbdk-87dj
vulnerability_id VCID-s8u8-xbdk-87dj
summary 
ckeditor4 vulnerable to cross-site scripting
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because `--!>` is mishandled.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33829
reference_id
reference_type
scores
0
value 0.49674
scoring_system epss
scoring_elements 0.97782
published_at 2026-04-01T12:55:00Z
1
value 0.49674
scoring_system epss
scoring_elements 0.97806
published_at 2026-04-13T12:55:00Z
2
value 0.49674
scoring_system epss
scoring_elements 0.97805
published_at 2026-04-12T12:55:00Z
3
value 0.49674
scoring_system epss
scoring_elements 0.97803
published_at 2026-04-11T12:55:00Z
4
value 0.49674
scoring_system epss
scoring_elements 0.978
published_at 2026-04-09T12:55:00Z
5
value 0.49674
scoring_system epss
scoring_elements 0.97797
published_at 2026-04-08T12:55:00Z
6
value 0.49674
scoring_system epss
scoring_elements 0.97793
published_at 2026-04-07T12:55:00Z
7
value 0.49674
scoring_system epss
scoring_elements 0.9779
published_at 2026-04-04T12:55:00Z
8
value 0.49674
scoring_system epss
scoring_elements 0.97788
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33829
1
reference_url https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33829
3
reference_url https://github.com/ckeditor/ckeditor4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2021-33829.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2021-33829.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2021-33829.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2021-33829.yaml
6
reference_url https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/11/msg00007.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYA354LJP47KCVJMTUO77ZCX3ZK42G3T/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVOYN2WKDPLKCNILIGEZM236ABQASLGW/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WAGNWHFIQAVCP537KFFS2A2GDG66J7XD/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33829
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33829
14
reference_url https://www.drupal.org/sa-core-2021-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-003
15
reference_url https://www.npmjs.com/package/ckeditor4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/ckeditor4
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
reference_id 1015217
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
17
reference_url https://security.archlinux.org/ASA-202106-35
reference_id ASA-202106-35
reference_type
scores
url https://security.archlinux.org/ASA-202106-35
18
reference_url https://security.archlinux.org/AVG-2069
reference_id AVG-2069
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2069
19
reference_url https://github.com/advisories/GHSA-rgx6-rjj4-c388
reference_id GHSA-rgx6-rjj4-c388
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rgx6-rjj4-c388
20
reference_url https://usn.ubuntu.com/5340-1/
reference_id USN-5340-1
reference_type
scores
url https://usn.ubuntu.com/5340-1/
21
reference_url https://usn.ubuntu.com/USN-5340-2/
reference_id USN-USN-5340-2
reference_type
scores
url https://usn.ubuntu.com/USN-5340-2/
fixed_packages
0
url pkg:composer/drupal/drupal@8.9.16
purl pkg:composer/drupal/drupal@8.9.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-rdgr-yuu7-xkey
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-vevm-4sfk-f7gq
11
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.16
1
url pkg:composer/drupal/drupal@9.0.14
purl pkg:composer/drupal/drupal@9.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.14
2
url pkg:composer/drupal/drupal@9.1.9
purl pkg:composer/drupal/drupal@9.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n7un-zgqv-jfef
7
vulnerability VCID-q4qx-7s1y-q3hc
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.1.9
aliases CVE-2021-33829, GHSA-rgx6-rjj4-c388
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s8u8-xbdk-87dj
48
url VCID-s9kv-9qfu-gbdq
vulnerability_id VCID-s9kv-9qfu-gbdq
summary 
Incorrect Permission Assignment for Critical Resource
When using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access to the file and another is trying to deny it, leading to an access bypass vulnerability. This vulnerability is mitigated by the fact that it only occurs for unusual site configurations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6928
reference_id
reference_type
scores
0
value 0.00277
scoring_system epss
scoring_elements 0.51075
published_at 2026-04-01T12:55:00Z
1
value 0.00277
scoring_system epss
scoring_elements 0.5117
published_at 2026-04-13T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51185
published_at 2026-04-12T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51207
published_at 2026-04-11T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.51162
published_at 2026-04-09T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51166
published_at 2026-04-08T12:55:00Z
6
value 0.00277
scoring_system epss
scoring_elements 0.5111
published_at 2026-04-07T12:55:00Z
7
value 0.00277
scoring_system epss
scoring_elements 0.51153
published_at 2026-04-04T12:55:00Z
8
value 0.00277
scoring_system epss
scoring_elements 0.51129
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6928
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
5
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6928.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6928.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6928.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6928.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
9
reference_url https://www.debian.org/security/2018/dsa-4123
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4123
10
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
11
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6928
reference_id CVE-2017-6928
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6928
13
reference_url https://github.com/advisories/GHSA-66mv-q8r2-hj8w
reference_id GHSA-66mv-q8r2-hj8w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66mv-q8r2-hj8w
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6928, GHSA-66mv-q8r2-hj8w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9kv-9qfu-gbdq
49
url VCID-sktb-khbq-cuaq
vulnerability_id VCID-sktb-khbq-cuaq
summary 
Incorrect cache context on password reset page
The user password reset form does not specify a proper cache context, which can lead to cache poisoning and unwanted content on the page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9450
reference_id
reference_type
scores
0
value 0.00227
scoring_system epss
scoring_elements 0.45439
published_at 2026-04-02T12:55:00Z
1
value 0.00227
scoring_system epss
scoring_elements 0.4546
published_at 2026-04-09T12:55:00Z
2
value 0.00227
scoring_system epss
scoring_elements 0.45365
published_at 2026-04-01T12:55:00Z
3
value 0.00227
scoring_system epss
scoring_elements 0.45452
published_at 2026-04-13T12:55:00Z
4
value 0.00227
scoring_system epss
scoring_elements 0.45451
published_at 2026-04-12T12:55:00Z
5
value 0.00227
scoring_system epss
scoring_elements 0.45481
published_at 2026-04-11T12:55:00Z
6
value 0.00227
scoring_system epss
scoring_elements 0.45459
published_at 2026-04-08T12:55:00Z
7
value 0.00227
scoring_system epss
scoring_elements 0.45405
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9450
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9450.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9450.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9450.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9450.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9450
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9450
5
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
6
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
7
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
8
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
9
reference_url https://github.com/advisories/GHSA-98w5-wqp9-w466
reference_id GHSA-98w5-wqp9-w466
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-98w5-wqp9-w466
fixed_packages
0
url pkg:composer/drupal/drupal@8.2.3
purl pkg:composer/drupal/drupal@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hpsp-5qtj-v7dq
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-m1ur-bb9m-m7d5
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-w3q4-838v-97ck
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-wbvy-zrtk-audw
51
vulnerability VCID-ww44-hb2y-mfd5
52
vulnerability VCID-wwvq-399y-rfhc
53
vulnerability VCID-y74s-ghyc-2bhs
54
vulnerability VCID-yare-57j9-j7cs
55
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.3
aliases CVE-2016-9450, GHSA-98w5-wqp9-w466
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sktb-khbq-cuaq
50
url VCID-ssyn-dxp9-3kdq
vulnerability_id VCID-ssyn-dxp9-3kdq
summary 
Drupal Core Cross-Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13663
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.4453
published_at 2026-04-01T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.44629
published_at 2026-04-04T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44607
published_at 2026-04-02T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.4461
published_at 2026-04-13T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44609
published_at 2026-04-12T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44638
published_at 2026-04-11T12:55:00Z
6
value 0.0022
scoring_system epss
scoring_elements 0.44621
published_at 2026-04-09T12:55:00Z
7
value 0.0022
scoring_system epss
scoring_elements 0.44618
published_at 2026-04-08T12:55:00Z
8
value 0.0022
scoring_system epss
scoring_elements 0.44567
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13663
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13663
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/drupal/core/commit/5f3c4d80fd77df0cfa87722b446db54040d55693
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/5f3c4d80fd77df0cfa87722b446db54040d55693
4
reference_url https://github.com/drupal/core/commit/bc3235dcb5570bbda62ef9547e7604ee060b72c6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/bc3235dcb5570bbda62ef9547e7604ee060b72c6
5
reference_url https://github.com/drupal/core/commit/faf3243c4ce03bbaab386af2b272b363fd0dfddb
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/faf3243c4ce03bbaab386af2b272b363fd0dfddb
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13663.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13663.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13663.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13663.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13663
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13663
9
reference_url https://www.drupal.org/sa-core-2020-004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-004
10
reference_url https://github.com/advisories/GHSA-m648-hpf8-qcjw
reference_id GHSA-m648-hpf8-qcjw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m648-hpf8-qcjw
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.8
purl pkg:composer/drupal/drupal@8.8.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-mhk6-9qdy-83f3
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-q4qx-7s1y-q3hc
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-rdgr-yuu7-xkey
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-v9v6-ae3e-g3hk
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.8
1
url pkg:composer/drupal/drupal@8.9.1
purl pkg:composer/drupal/drupal@8.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-mhk6-9qdy-83f3
11
vulnerability VCID-n119-gta2-kfg1
12
vulnerability VCID-n7un-zgqv-jfef
13
vulnerability VCID-q4qx-7s1y-q3hc
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-rdgr-yuu7-xkey
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-v9v6-ae3e-g3hk
19
vulnerability VCID-vevm-4sfk-f7gq
20
vulnerability VCID-wbuz-qcp3-43aq
21
vulnerability VCID-wbvy-zrtk-audw
22
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.1
2
url pkg:composer/drupal/drupal@9.0.1
purl pkg:composer/drupal/drupal@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-mhk6-9qdy-83f3
11
vulnerability VCID-n119-gta2-kfg1
12
vulnerability VCID-n7un-zgqv-jfef
13
vulnerability VCID-q4qx-7s1y-q3hc
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-rdgr-yuu7-xkey
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-v9v6-ae3e-g3hk
19
vulnerability VCID-vevm-4sfk-f7gq
20
vulnerability VCID-wbuz-qcp3-43aq
21
vulnerability VCID-wbvy-zrtk-audw
22
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.1
aliases CVE-2020-13663, GHSA-m648-hpf8-qcjw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssyn-dxp9-3kdq
51
url VCID-t84c-8r34-57b9
vulnerability_id VCID-t84c-8r34-57b9
summary 
Drupal Content moderation Access bypass
In some conditions, drupal content moderation fails to check a users access to use certain transitions, leading to an access bypass.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-1.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-1.yaml
2
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-006
3
reference_url https://github.com/advisories/GHSA-86xw-vmcx-9mj4
reference_id GHSA-86xw-vmcx-9mj4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-86xw-vmcx-9mj4
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.8
purl pkg:composer/drupal/drupal@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-c9dm-17vt-4bbc
8
vulnerability VCID-cucx-jfqf-pkd1
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-djgn-ezxp-37eu
11
vulnerability VCID-gzcu-sbks-wyfa
12
vulnerability VCID-jfq8-xxwa-mkd1
13
vulnerability VCID-k1gx-nznx-7qd6
14
vulnerability VCID-kh51-g4cv-tqaw
15
vulnerability VCID-mapb-hsvc-2khc
16
vulnerability VCID-n119-gta2-kfg1
17
vulnerability VCID-n7un-zgqv-jfef
18
vulnerability VCID-nd8n-5dsu-2fbp
19
vulnerability VCID-pk74-yy1n-8qck
20
vulnerability VCID-r8pv-9upr-y7gd
21
vulnerability VCID-rhj7-dy7q-jkhw
22
vulnerability VCID-rr4q-f5cv-nkah
23
vulnerability VCID-ty3y-k9t2-qyba
24
vulnerability VCID-u1xx-aazv-bkg5
25
vulnerability VCID-u4w3-usvb-jyf6
26
vulnerability VCID-uqcw-p8g2-cfd2
27
vulnerability VCID-vevm-4sfk-f7gq
28
vulnerability VCID-w3q4-838v-97ck
29
vulnerability VCID-wbuz-qcp3-43aq
30
vulnerability VCID-wbvy-zrtk-audw
31
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.8
1
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases GHSA-86xw-vmcx-9mj4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t84c-8r34-57b9
52
url VCID-tk6t-srar-h7a8
vulnerability_id VCID-tk6t-srar-h7a8
summary 
Improper Access Control
The Form API in Drupal ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a form with a button that has `#access` set to `FALSE` in the server-side form definition.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3165
reference_id
reference_type
scores
0
value 0.00607
scoring_system epss
scoring_elements 0.69621
published_at 2026-04-02T12:55:00Z
1
value 0.00607
scoring_system epss
scoring_elements 0.69637
published_at 2026-04-04T12:55:00Z
2
value 0.00607
scoring_system epss
scoring_elements 0.69608
published_at 2026-04-01T12:55:00Z
3
value 0.00607
scoring_system epss
scoring_elements 0.69678
published_at 2026-04-13T12:55:00Z
4
value 0.00607
scoring_system epss
scoring_elements 0.69691
published_at 2026-04-12T12:55:00Z
5
value 0.00607
scoring_system epss
scoring_elements 0.69706
published_at 2026-04-11T12:55:00Z
6
value 0.00607
scoring_system epss
scoring_elements 0.69684
published_at 2026-04-09T12:55:00Z
7
value 0.00607
scoring_system epss
scoring_elements 0.69666
published_at 2026-04-08T12:55:00Z
8
value 0.00607
scoring_system epss
scoring_elements 0.69615
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3165
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3165.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3165.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3165.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3165.yaml
4
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
5
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
6
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
7
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3165
reference_id CVE-2016-3165
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3165
56
reference_url https://github.com/advisories/GHSA-4gh5-3hqj-x3pj
reference_id GHSA-4gh5-3hqj-x3pj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4gh5-3hqj-x3pj
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3165, GHSA-4gh5-3hqj-x3pj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk6t-srar-h7a8
53
url VCID-ty3y-k9t2-qyba
vulnerability_id VCID-ty3y-k9t2-qyba
summary 
Drupal Malicious file upload with filenames stating with dot
Drupal 8 core's file_save_upload() function does not strip the leading and trailing dot ('.') from filenames, like Drupal 7 did.

Users with the ability to upload files with any extension in conjunction with contributed modules may be able to use this to upload system files such as .htaccess in order to bypass protections afforded by Drupal's default .htaccess file.

After this fix, file_save_upload() now trims leading and trailing dots from filenames.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-2.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-2.yaml
2
reference_url https://www.drupal.org/sa-core-2019-010
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-010
3
reference_url https://github.com/advisories/GHSA-58xv-7h9r-mx3c
reference_id GHSA-58xv-7h9r-mx3c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-58xv-7h9r-mx3c
fixed_packages
0
url pkg:composer/drupal/drupal@8.7.11
purl pkg:composer/drupal/drupal@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-nj3a-eb59-jygs
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-uqcw-p8g2-cfd2
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
18
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.11
1
url pkg:composer/drupal/drupal@8.8.1
purl pkg:composer/drupal/drupal@8.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-5618-53yg-8qh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-cvxp-ctj9-guej
7
vulnerability VCID-dgjq-y5zj-cud1
8
vulnerability VCID-gbz5-5frj-hber
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-mhk6-9qdy-83f3
13
vulnerability VCID-n119-gta2-kfg1
14
vulnerability VCID-n7un-zgqv-jfef
15
vulnerability VCID-nj3a-eb59-jygs
16
vulnerability VCID-q4qx-7s1y-q3hc
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rdgr-yuu7-xkey
19
vulnerability VCID-u4w3-usvb-jyf6
20
vulnerability VCID-uqcw-p8g2-cfd2
21
vulnerability VCID-v9v6-ae3e-g3hk
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-wbuz-qcp3-43aq
24
vulnerability VCID-wbvy-zrtk-audw
25
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.1
aliases GHSA-58xv-7h9r-mx3c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ty3y-k9t2-qyba
54
url VCID-u1xx-aazv-bkg5
vulnerability_id VCID-u1xx-aazv-bkg5
summary 
Improper Access Control
In some conditions, content moderation fails to check a users access to use certain transitions, leading to an access bypass.
references
0
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2018-006
fixed_packages
0
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases 2018-10-17-5
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1xx-aazv-bkg5
55
url VCID-u4w3-usvb-jyf6
vulnerability_id VCID-u4w3-usvb-jyf6
summary 
Drupal Full Path Disclosure
`core/authorize.php` in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of `hash_salt` is `file_get_contents` of a file that does not exist.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45440
reference_id
reference_type
scores
0
value 0.86443
scoring_system epss
scoring_elements 0.99404
published_at 2026-04-02T12:55:00Z
1
value 0.86443
scoring_system epss
scoring_elements 0.99405
published_at 2026-04-04T12:55:00Z
2
value 0.87227
scoring_system epss
scoring_elements 0.99449
published_at 2026-04-13T12:55:00Z
3
value 0.87227
scoring_system epss
scoring_elements 0.99448
published_at 2026-04-11T12:55:00Z
4
value 0.87227
scoring_system epss
scoring_elements 0.99447
published_at 2026-04-09T12:55:00Z
5
value 0.87227
scoring_system epss
scoring_elements 0.99445
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45440
1
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
2
reference_url https://github.com/github/advisory-database/pull/4827
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/4827
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45440
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45440
4
reference_url https://senscybersecurity.nl/CVE-2024-45440-Explained
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://senscybersecurity.nl/CVE-2024-45440-Explained
5
reference_url https://www.drupal.org/project/drupal/issues/3457781
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T13:18:23Z/
url https://www.drupal.org/project/drupal/issues/3457781
6
reference_url https://www.drupal.org/project/drupal/releases/10.2.9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/project/drupal/releases/10.2.9
7
reference_url https://www.drupal.org/project/drupal/releases/10.3.6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/project/drupal/releases/10.3.6
8
reference_url https://www.drupal.org/project/drupal/releases/11.0.5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/project/drupal/releases/11.0.5
9
reference_url https://www.exploit-db.com/exploits/52266
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/52266
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52266.py
reference_id CVE-2024-45440
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52266.py
11
reference_url https://senscybersecurity.nl/CVE-2024-45440-Explained/
reference_id CVE-2024-45440-Explained
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-29T13:18:23Z/
url https://senscybersecurity.nl/CVE-2024-45440-Explained/
12
reference_url https://github.com/advisories/GHSA-mg8j-w93w-xjgc
reference_id GHSA-mg8j-w93w-xjgc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mg8j-w93w-xjgc
fixed_packages
0
url pkg:composer/drupal/drupal@10.2.9
purl pkg:composer/drupal/drupal@10.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.2.9
1
url pkg:composer/drupal/drupal@10.3.0-beta1
purl pkg:composer/drupal/drupal@10.3.0-beta1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.3.0-beta1
2
url pkg:composer/drupal/drupal@10.3.6
purl pkg:composer/drupal/drupal@10.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.3.6
3
url pkg:composer/drupal/drupal@11.0.0-alpha1
purl pkg:composer/drupal/drupal@11.0.0-alpha1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@11.0.0-alpha1
4
url pkg:composer/drupal/drupal@11.0.5
purl pkg:composer/drupal/drupal@11.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@11.0.5
aliases CVE-2024-45440, GHSA-mg8j-w93w-xjgc
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4w3-usvb-jyf6
56
url VCID-u5wt-ndvn-3ffg
vulnerability_id VCID-u5wt-ndvn-3ffg
summary 
Information Exposure
The `have you forgotten your password` links in the User module in Drupal allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3170
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.65791
published_at 2026-04-01T12:55:00Z
1
value 0.00498
scoring_system epss
scoring_elements 0.65875
published_at 2026-04-13T12:55:00Z
2
value 0.00498
scoring_system epss
scoring_elements 0.65905
published_at 2026-04-12T12:55:00Z
3
value 0.00498
scoring_system epss
scoring_elements 0.65918
published_at 2026-04-11T12:55:00Z
4
value 0.00498
scoring_system epss
scoring_elements 0.659
published_at 2026-04-09T12:55:00Z
5
value 0.00498
scoring_system epss
scoring_elements 0.65871
published_at 2026-04-04T12:55:00Z
6
value 0.00498
scoring_system epss
scoring_elements 0.6584
published_at 2026-04-02T12:55:00Z
7
value 0.00498
scoring_system epss
scoring_elements 0.65889
published_at 2026-04-08T12:55:00Z
8
value 0.00498
scoring_system epss
scoring_elements 0.65836
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3170
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3170.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3170.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3170.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3170.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3170
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3170
11
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
12
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
13
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
14
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.39:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.39:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.39:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha10:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha11:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha12:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha13:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha14:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha15:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha2:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha3:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha4:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha5:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha6:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha7:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha8:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:alpha9:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta1:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta10:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta11:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta12:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta13:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta14:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta15:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta16:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta2:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta3:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta4:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta6:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta7:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:beta9:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc1:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc2:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc3:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0:rc4:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
109
reference_url https://github.com/advisories/GHSA-pqv4-xgqh-j8vh
reference_id GHSA-pqv4-xgqh-j8vh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pqv4-xgqh-j8vh
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3170, GHSA-pqv4-xgqh-j8vh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5wt-ndvn-3ffg
57
url VCID-uqcw-p8g2-cfd2
vulnerability_id VCID-uqcw-p8g2-cfd2
summary 
Exposure of Resource to Wrong Sphere
Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13670
reference_id
reference_type
scores
0
value 0.00427
scoring_system epss
scoring_elements 0.62226
published_at 2026-04-01T12:55:00Z
1
value 0.00427
scoring_system epss
scoring_elements 0.62313
published_at 2026-04-04T12:55:00Z
2
value 0.00427
scoring_system epss
scoring_elements 0.62283
published_at 2026-04-02T12:55:00Z
3
value 0.00427
scoring_system epss
scoring_elements 0.62334
published_at 2026-04-13T12:55:00Z
4
value 0.00427
scoring_system epss
scoring_elements 0.62355
published_at 2026-04-12T12:55:00Z
5
value 0.00427
scoring_system epss
scoring_elements 0.62366
published_at 2026-04-11T12:55:00Z
6
value 0.00427
scoring_system epss
scoring_elements 0.62346
published_at 2026-04-09T12:55:00Z
7
value 0.00427
scoring_system epss
scoring_elements 0.62329
published_at 2026-04-08T12:55:00Z
8
value 0.00427
scoring_system epss
scoring_elements 0.62279
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13670
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/f93a37b713b59f8d24e826bc74378099853eef3d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/f93a37b713b59f8d24e826bc74378099853eef3d
3
reference_url https://www.drupal.org/sa-core-2020-011
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-011
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13670
reference_id CVE-2020-13670
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13670
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13670.yaml
reference_id CVE-2020-13670.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13670.yaml
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13670.yaml
reference_id CVE-2020-13670.YAML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13670.yaml
7
reference_url https://github.com/advisories/GHSA-mmjr-5q74-p3m4
reference_id GHSA-mmjr-5q74-p3m4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mmjr-5q74-p3m4
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.10
purl pkg:composer/drupal/drupal@8.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-rdgr-yuu7-xkey
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-v9v6-ae3e-g3hk
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.10
1
url pkg:composer/drupal/drupal@8.9.6
purl pkg:composer/drupal/drupal@8.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.6
2
url pkg:composer/drupal/drupal@9.0.6
purl pkg:composer/drupal/drupal@9.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.6
aliases CVE-2020-13670, GHSA-mmjr-5q74-p3m4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqcw-p8g2-cfd2
58
url VCID-utyg-huhu-2ucq
vulnerability_id VCID-utyg-huhu-2ucq
summary 
Drupal External URL injection through URL aliases leading to Open Redirect
The path module in Drupal allows users with the 'administer paths' to create pretty URLs for content.
In certain circumstances the user can enter a particular path that triggers an open redirect to a malicious url.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-2.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-2.yaml
2
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-006
3
reference_url https://github.com/advisories/GHSA-r67r-42wx-c8r7
reference_id GHSA-r67r-42wx-c8r7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r67r-42wx-c8r7
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.8
purl pkg:composer/drupal/drupal@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-c9dm-17vt-4bbc
8
vulnerability VCID-cucx-jfqf-pkd1
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-djgn-ezxp-37eu
11
vulnerability VCID-gzcu-sbks-wyfa
12
vulnerability VCID-jfq8-xxwa-mkd1
13
vulnerability VCID-k1gx-nznx-7qd6
14
vulnerability VCID-kh51-g4cv-tqaw
15
vulnerability VCID-mapb-hsvc-2khc
16
vulnerability VCID-n119-gta2-kfg1
17
vulnerability VCID-n7un-zgqv-jfef
18
vulnerability VCID-nd8n-5dsu-2fbp
19
vulnerability VCID-pk74-yy1n-8qck
20
vulnerability VCID-r8pv-9upr-y7gd
21
vulnerability VCID-rhj7-dy7q-jkhw
22
vulnerability VCID-rr4q-f5cv-nkah
23
vulnerability VCID-ty3y-k9t2-qyba
24
vulnerability VCID-u1xx-aazv-bkg5
25
vulnerability VCID-u4w3-usvb-jyf6
26
vulnerability VCID-uqcw-p8g2-cfd2
27
vulnerability VCID-vevm-4sfk-f7gq
28
vulnerability VCID-w3q4-838v-97ck
29
vulnerability VCID-wbuz-qcp3-43aq
30
vulnerability VCID-wbvy-zrtk-audw
31
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.8
1
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases GHSA-r67r-42wx-c8r7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utyg-huhu-2ucq
59
url VCID-vevm-4sfk-f7gq
vulnerability_id VCID-vevm-4sfk-f7gq
summary 
Drupal core Access bypass
Drupal's uniqueness checking for certain user fields is inconsistent depending on the database engine and its collation. As a result, a user may be able to register with the same email address as another user. This may lead to data integrity issues. This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-55634
reference_id
reference_type
scores
0
value 0.00848
scoring_system epss
scoring_elements 0.74805
published_at 2026-04-02T12:55:00Z
1
value 0.00848
scoring_system epss
scoring_elements 0.74846
published_at 2026-04-13T12:55:00Z
2
value 0.00848
scoring_system epss
scoring_elements 0.74856
published_at 2026-04-12T12:55:00Z
3
value 0.00848
scoring_system epss
scoring_elements 0.74877
published_at 2026-04-11T12:55:00Z
4
value 0.00848
scoring_system epss
scoring_elements 0.74853
published_at 2026-04-09T12:55:00Z
5
value 0.00848
scoring_system epss
scoring_elements 0.74806
published_at 2026-04-07T12:55:00Z
6
value 0.00848
scoring_system epss
scoring_elements 0.74833
published_at 2026-04-04T12:55:00Z
7
value 0.00848
scoring_system epss
scoring_elements 0.74839
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-55634
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/7ae0e8f1824e15f8b2b06e4da09836250e85e934
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/7ae0e8f1824e15f8b2b06e4da09836250e85e934
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-55634
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-55634
4
reference_url https://www.drupal.org/sa-core-2024-004
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:38:29Z/
url https://www.drupal.org/sa-core-2024-004
5
reference_url https://github.com/advisories/GHSA-7cwc-fjqm-8vh8
reference_id GHSA-7cwc-fjqm-8vh8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7cwc-fjqm-8vh8
fixed_packages
0
url pkg:composer/drupal/drupal@10.2.11
purl pkg:composer/drupal/drupal@10.2.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.2.11
1
url pkg:composer/drupal/drupal@10.3.9
purl pkg:composer/drupal/drupal@10.3.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.3.9
2
url pkg:composer/drupal/drupal@11.0.8
purl pkg:composer/drupal/drupal@11.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@11.0.8
aliases CVE-2024-55634, GHSA-7cwc-fjqm-8vh8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vevm-4sfk-f7gq
60
url VCID-vq5y-hdw3-nucj
vulnerability_id VCID-vq5y-hdw3-nucj
summary 
Drupal Anonymous Open Redirect
Drupal core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users into being redirected to a 3rd party website, thereby exposing the users to potential social engineering attacks.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-3.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2018-10-17-3.yaml
2
reference_url https://www.drupal.org/sa-core-2018-006
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-006
3
reference_url https://github.com/advisories/GHSA-x6v2-xmrq-574j
reference_id GHSA-x6v2-xmrq-574j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x6v2-xmrq-574j
fixed_packages
0
url pkg:composer/drupal/drupal@8.5.8
purl pkg:composer/drupal/drupal@8.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-c9dm-17vt-4bbc
8
vulnerability VCID-cucx-jfqf-pkd1
9
vulnerability VCID-dgjq-y5zj-cud1
10
vulnerability VCID-djgn-ezxp-37eu
11
vulnerability VCID-gzcu-sbks-wyfa
12
vulnerability VCID-jfq8-xxwa-mkd1
13
vulnerability VCID-k1gx-nznx-7qd6
14
vulnerability VCID-kh51-g4cv-tqaw
15
vulnerability VCID-mapb-hsvc-2khc
16
vulnerability VCID-n119-gta2-kfg1
17
vulnerability VCID-n7un-zgqv-jfef
18
vulnerability VCID-nd8n-5dsu-2fbp
19
vulnerability VCID-pk74-yy1n-8qck
20
vulnerability VCID-r8pv-9upr-y7gd
21
vulnerability VCID-rhj7-dy7q-jkhw
22
vulnerability VCID-rr4q-f5cv-nkah
23
vulnerability VCID-ty3y-k9t2-qyba
24
vulnerability VCID-u1xx-aazv-bkg5
25
vulnerability VCID-u4w3-usvb-jyf6
26
vulnerability VCID-uqcw-p8g2-cfd2
27
vulnerability VCID-vevm-4sfk-f7gq
28
vulnerability VCID-w3q4-838v-97ck
29
vulnerability VCID-wbuz-qcp3-43aq
30
vulnerability VCID-wbvy-zrtk-audw
31
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.8
1
url pkg:composer/drupal/drupal@8.6.2
purl pkg:composer/drupal/drupal@8.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-636u-5bdw-puh4
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-6m8x-cfzp-tkf4
6
vulnerability VCID-bbzr-hbhv-yyee
7
vulnerability VCID-cucx-jfqf-pkd1
8
vulnerability VCID-dgjq-y5zj-cud1
9
vulnerability VCID-djgn-ezxp-37eu
10
vulnerability VCID-jfq8-xxwa-mkd1
11
vulnerability VCID-k1gx-nznx-7qd6
12
vulnerability VCID-kh51-g4cv-tqaw
13
vulnerability VCID-mapb-hsvc-2khc
14
vulnerability VCID-n119-gta2-kfg1
15
vulnerability VCID-n7un-zgqv-jfef
16
vulnerability VCID-pk74-yy1n-8qck
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rhj7-dy7q-jkhw
19
vulnerability VCID-ty3y-k9t2-qyba
20
vulnerability VCID-u4w3-usvb-jyf6
21
vulnerability VCID-uqcw-p8g2-cfd2
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-w3q4-838v-97ck
24
vulnerability VCID-wbuz-qcp3-43aq
25
vulnerability VCID-wbvy-zrtk-audw
26
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.2
aliases GHSA-x6v2-xmrq-574j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vq5y-hdw3-nucj
61
url VCID-vy1y-zkf3-4ue4
vulnerability_id VCID-vy1y-zkf3-4ue4
summary 
Denial of service via transliterate mechanism
A specially crafted URL can cause a denial of service via the transliterate mechanism.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9452
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59319
published_at 2026-04-02T12:55:00Z
1
value 0.00378
scoring_system epss
scoring_elements 0.59356
published_at 2026-04-13T12:55:00Z
2
value 0.00378
scoring_system epss
scoring_elements 0.59374
published_at 2026-04-12T12:55:00Z
3
value 0.00378
scoring_system epss
scoring_elements 0.5939
published_at 2026-04-11T12:55:00Z
4
value 0.00378
scoring_system epss
scoring_elements 0.59371
published_at 2026-04-09T12:55:00Z
5
value 0.00378
scoring_system epss
scoring_elements 0.59358
published_at 2026-04-08T12:55:00Z
6
value 0.00378
scoring_system epss
scoring_elements 0.59307
published_at 2026-04-07T12:55:00Z
7
value 0.00378
scoring_system epss
scoring_elements 0.59343
published_at 2026-04-04T12:55:00Z
8
value 0.00378
scoring_system epss
scoring_elements 0.59245
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9452
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9452.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9452.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9452.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9452.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9452
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9452
5
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
6
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
7
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
8
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
9
reference_url https://github.com/advisories/GHSA-jpj8-49hr-wcwv
reference_id GHSA-jpj8-49hr-wcwv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpj8-49hr-wcwv
fixed_packages
0
url pkg:composer/drupal/drupal@8.2.3
purl pkg:composer/drupal/drupal@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hpsp-5qtj-v7dq
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-m1ur-bb9m-m7d5
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-w3q4-838v-97ck
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-wbvy-zrtk-audw
51
vulnerability VCID-ww44-hb2y-mfd5
52
vulnerability VCID-wwvq-399y-rfhc
53
vulnerability VCID-y74s-ghyc-2bhs
54
vulnerability VCID-yare-57j9-j7cs
55
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.3
aliases CVE-2016-9452, GHSA-jpj8-49hr-wcwv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vy1y-zkf3-4ue4
62
url VCID-w3q4-838v-97ck
vulnerability_id VCID-w3q4-838v-97ck
summary 
Drupal core Denial of Service
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-1.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-1.yaml
2
reference_url https://www.drupal.org/sa-core-2019-009
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-009
3
reference_url https://github.com/advisories/GHSA-w333-5f96-mjrr
reference_id GHSA-w333-5f96-mjrr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w333-5f96-mjrr
fixed_packages
0
url pkg:composer/drupal/drupal@8.7.11
purl pkg:composer/drupal/drupal@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-k1gx-nznx-7qd6
7
vulnerability VCID-kh51-g4cv-tqaw
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n119-gta2-kfg1
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-nj3a-eb59-jygs
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-uqcw-p8g2-cfd2
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
18
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.11
1
url pkg:composer/drupal/drupal@8.8.1
purl pkg:composer/drupal/drupal@8.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-5618-53yg-8qh4
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-cvxp-ctj9-guej
7
vulnerability VCID-dgjq-y5zj-cud1
8
vulnerability VCID-gbz5-5frj-hber
9
vulnerability VCID-k1gx-nznx-7qd6
10
vulnerability VCID-kh51-g4cv-tqaw
11
vulnerability VCID-mapb-hsvc-2khc
12
vulnerability VCID-mhk6-9qdy-83f3
13
vulnerability VCID-n119-gta2-kfg1
14
vulnerability VCID-n7un-zgqv-jfef
15
vulnerability VCID-nj3a-eb59-jygs
16
vulnerability VCID-q4qx-7s1y-q3hc
17
vulnerability VCID-r8pv-9upr-y7gd
18
vulnerability VCID-rdgr-yuu7-xkey
19
vulnerability VCID-u4w3-usvb-jyf6
20
vulnerability VCID-uqcw-p8g2-cfd2
21
vulnerability VCID-v9v6-ae3e-g3hk
22
vulnerability VCID-vevm-4sfk-f7gq
23
vulnerability VCID-wbuz-qcp3-43aq
24
vulnerability VCID-wbvy-zrtk-audw
25
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.1
aliases GHSA-w333-5f96-mjrr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3q4-838v-97ck
63
url VCID-wbuz-qcp3-43aq
vulnerability_id VCID-wbuz-qcp3-43aq
summary 
Improper Input Validation
guzzlehttp/psr7 is a PSR-7 HTTP message library used in drupal. Versions prior to 1.8.4 and 2.1.1 is vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24775
reference_id
reference_type
scores
0
value 0.00933
scoring_system epss
scoring_elements 0.76084
published_at 2026-04-02T12:55:00Z
1
value 0.00933
scoring_system epss
scoring_elements 0.7614
published_at 2026-04-13T12:55:00Z
2
value 0.00933
scoring_system epss
scoring_elements 0.76143
published_at 2026-04-12T12:55:00Z
3
value 0.00933
scoring_system epss
scoring_elements 0.76167
published_at 2026-04-11T12:55:00Z
4
value 0.00933
scoring_system epss
scoring_elements 0.76142
published_at 2026-04-09T12:55:00Z
5
value 0.00933
scoring_system epss
scoring_elements 0.76128
published_at 2026-04-08T12:55:00Z
6
value 0.00933
scoring_system epss
scoring_elements 0.76095
published_at 2026-04-07T12:55:00Z
7
value 0.00933
scoring_system epss
scoring_elements 0.76116
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24775
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24775
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2022-24775.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2022-24775.yaml
3
reference_url https://github.com/guzzle/psr7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/guzzle/psr7
4
reference_url https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/
url https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
5
reference_url https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/
url https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
6
reference_url https://www.drupal.org/sa-core-2022-006
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/
url https://www.drupal.org/sa-core-2022-006
7
reference_url https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008236
reference_id 1008236
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008236
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24775
reference_id CVE-2022-24775
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24775
10
reference_url https://github.com/advisories/GHSA-q7rv-6hp3-vh96
reference_id GHSA-q7rv-6hp3-vh96
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q7rv-6hp3-vh96
11
reference_url https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
reference_id GHSA-q7rv-6hp3-vh96
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/
url https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
12
reference_url https://usn.ubuntu.com/6670-1/
reference_id USN-6670-1
reference_type
scores
url https://usn.ubuntu.com/6670-1/
fixed_packages
0
url pkg:composer/drupal/drupal@9.2.16
purl pkg:composer/drupal/drupal@9.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-674z-nf4t-b7ez
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-mapb-hsvc-2khc
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-q4qx-7s1y-q3hc
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.2.16
1
url pkg:composer/drupal/drupal@9.3.0-alpha1
purl pkg:composer/drupal/drupal@9.3.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-mapb-hsvc-2khc
5
vulnerability VCID-n7un-zgqv-jfef
6
vulnerability VCID-q4qx-7s1y-q3hc
7
vulnerability VCID-rdgr-yuu7-xkey
8
vulnerability VCID-u4w3-usvb-jyf6
9
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.0-alpha1
2
url pkg:composer/drupal/drupal@9.3.9
purl pkg:composer/drupal/drupal@9.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-1qgc-gjdn-9fhk
2
vulnerability VCID-2s8m-ujzb-skd1
3
vulnerability VCID-674z-nf4t-b7ez
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n7un-zgqv-jfef
9
vulnerability VCID-q4qx-7s1y-q3hc
10
vulnerability VCID-rdgr-yuu7-xkey
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.9
3
url pkg:composer/drupal/drupal@10.0.0-alpha1
purl pkg:composer/drupal/drupal@10.0.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-q4qx-7s1y-q3hc
3
vulnerability VCID-rdgr-yuu7-xkey
4
vulnerability VCID-u4w3-usvb-jyf6
5
vulnerability VCID-vevm-4sfk-f7gq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@10.0.0-alpha1
aliases CVE-2022-24775, GHSA-q7rv-6hp3-vh96
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbuz-qcp3-43aq
64
url VCID-wbvy-zrtk-audw
vulnerability_id VCID-wbvy-zrtk-audw
summary 
Drupal core Arbitrary PHP code execution
The Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal. For more information please see:
CVE-2020-28948
CVE-2020-28949

Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them.

To mitigate this issue, prevent untrusted users from uploading .tar, .tar.gz, .bz2, or .tlz files.
references
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-11-25.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-11-25.yaml
2
reference_url https://www.drupal.org/sa-core-2020-013
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-013
3
reference_url https://github.com/advisories/GHSA-j66p-fvp2-fxhj
reference_id GHSA-j66p-fvp2-fxhj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j66p-fvp2-fxhj
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.12
purl pkg:composer/drupal/drupal@8.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-mapb-hsvc-2khc
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-q4qx-7s1y-q3hc
9
vulnerability VCID-r8pv-9upr-y7gd
10
vulnerability VCID-rdgr-yuu7-xkey
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-vevm-4sfk-f7gq
13
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.12
1
url pkg:composer/drupal/drupal@8.9.10
purl pkg:composer/drupal/drupal@8.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-kc7d-5k6x-77bp
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n7un-zgqv-jfef
9
vulnerability VCID-q4qx-7s1y-q3hc
10
vulnerability VCID-r8pv-9upr-y7gd
11
vulnerability VCID-rdgr-yuu7-xkey
12
vulnerability VCID-u4w3-usvb-jyf6
13
vulnerability VCID-vevm-4sfk-f7gq
14
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.10
2
url pkg:composer/drupal/drupal@9.0.9
purl pkg:composer/drupal/drupal@9.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-kc7d-5k6x-77bp
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n7un-zgqv-jfef
9
vulnerability VCID-q4qx-7s1y-q3hc
10
vulnerability VCID-r8pv-9upr-y7gd
11
vulnerability VCID-rdgr-yuu7-xkey
12
vulnerability VCID-u4w3-usvb-jyf6
13
vulnerability VCID-vevm-4sfk-f7gq
14
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.9
aliases GHSA-j66p-fvp2-fxhj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbvy-zrtk-audw
65
url VCID-we42-mkyk-hfer
vulnerability_id VCID-we42-mkyk-hfer
summary 
Saving user accounts can sometimes grant the user all roles
The User module in Drupal allows remote attackers to gain privileges by leveraging contributed or custom code that calls the `user_save` function with an explicit category and loads all roles into the array.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3169
reference_id
reference_type
scores
0
value 0.01016
scoring_system epss
scoring_elements 0.77105
published_at 2026-04-01T12:55:00Z
1
value 0.01016
scoring_system epss
scoring_elements 0.77166
published_at 2026-04-13T12:55:00Z
2
value 0.01016
scoring_system epss
scoring_elements 0.77171
published_at 2026-04-12T12:55:00Z
3
value 0.01016
scoring_system epss
scoring_elements 0.77192
published_at 2026-04-11T12:55:00Z
4
value 0.01016
scoring_system epss
scoring_elements 0.77164
published_at 2026-04-09T12:55:00Z
5
value 0.01016
scoring_system epss
scoring_elements 0.77155
published_at 2026-04-08T12:55:00Z
6
value 0.01016
scoring_system epss
scoring_elements 0.77123
published_at 2026-04-07T12:55:00Z
7
value 0.01016
scoring_system epss
scoring_elements 0.7714
published_at 2026-04-04T12:55:00Z
8
value 0.01016
scoring_system epss
scoring_elements 0.77111
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3169
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3162
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3163
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3168
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3169
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3170
7
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3169.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3169.yaml
9
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3169.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3169.yaml
10
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
11
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
12
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
13
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta1:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha1:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha2:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha3:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha4:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha5:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha6:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:alpha7:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta2:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:beta3:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:dev:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc1:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc2:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc3:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.0:rc4:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
102
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
103
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
104
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
105
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.35:*:*:*:*:*:*:*
106
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.36:*:*:*:*:*:*:*
107
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.37:*:*:*:*:*:*:*
108
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.38:*:*:*:*:*:*:*
109
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
110
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.40:*:*:*:*:*:*:*
111
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.41:*:*:*:*:*:*:*
112
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.42:*:*:*:*:*:*:*
113
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
114
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
115
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
116
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
117
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
118
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:7.x-dev:*:*:*:*:*:*:*
119
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
120
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
121
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3169
reference_id CVE-2016-3169
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3169
122
reference_url https://github.com/advisories/GHSA-q3p9-8728-wq7x
reference_id GHSA-q3p9-8728-wq7x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q3p9-8728-wq7x
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3169, GHSA-q3p9-8728-wq7x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-we42-mkyk-hfer
66
url VCID-ww44-hb2y-mfd5
vulnerability_id VCID-ww44-hb2y-mfd5
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13668
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.44824
published_at 2026-04-01T12:55:00Z
1
value 0.00223
scoring_system epss
scoring_elements 0.44927
published_at 2026-04-04T12:55:00Z
2
value 0.00223
scoring_system epss
scoring_elements 0.44907
published_at 2026-04-02T12:55:00Z
3
value 0.00223
scoring_system epss
scoring_elements 0.44913
published_at 2026-04-13T12:55:00Z
4
value 0.00223
scoring_system epss
scoring_elements 0.44911
published_at 2026-04-12T12:55:00Z
5
value 0.00223
scoring_system epss
scoring_elements 0.44943
published_at 2026-04-11T12:55:00Z
6
value 0.00223
scoring_system epss
scoring_elements 0.44922
published_at 2026-04-09T12:55:00Z
7
value 0.00223
scoring_system epss
scoring_elements 0.4492
published_at 2026-04-08T12:55:00Z
8
value 0.00223
scoring_system epss
scoring_elements 0.44868
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13668
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/drupal/core/commit/3184fa4b2f3b65b44884b5e858cdc7794d34b4c8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/3184fa4b2f3b65b44884b5e858cdc7794d34b4c8
3
reference_url https://github.com/drupal/core/commit/58330ba58d1ac6f1a0a549e8dbde8a3e094bf4fb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/58330ba58d1ac6f1a0a549e8dbde8a3e094bf4fb
4
reference_url https://github.com/drupal/core/commit/d4be028d81fb6b067513d788b60c3e6fc8fbd0a2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core/commit/d4be028d81fb6b067513d788b60c3e6fc8fbd0a2
5
reference_url https://www.drupal.org/sa-core-2020-009
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-009
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13668
reference_id CVE-2020-13668
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13668
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13668.yaml
reference_id CVE-2020-13668.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13668.yaml
8
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13668.yaml
reference_id CVE-2020-13668.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13668.yaml
9
reference_url https://github.com/advisories/GHSA-m6q5-wv4x-fv6h
reference_id GHSA-m6q5-wv4x-fv6h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m6q5-wv4x-fv6h
fixed_packages
0
url pkg:composer/drupal/drupal@8.8.10
purl pkg:composer/drupal/drupal@8.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-n7un-zgqv-jfef
10
vulnerability VCID-q4qx-7s1y-q3hc
11
vulnerability VCID-r8pv-9upr-y7gd
12
vulnerability VCID-rdgr-yuu7-xkey
13
vulnerability VCID-u4w3-usvb-jyf6
14
vulnerability VCID-v9v6-ae3e-g3hk
15
vulnerability VCID-vevm-4sfk-f7gq
16
vulnerability VCID-wbuz-qcp3-43aq
17
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.10
1
url pkg:composer/drupal/drupal@8.9.6
purl pkg:composer/drupal/drupal@8.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.6
2
url pkg:composer/drupal/drupal@9.0.6
purl pkg:composer/drupal/drupal@9.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kc7d-5k6x-77bp
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n7un-zgqv-jfef
11
vulnerability VCID-q4qx-7s1y-q3hc
12
vulnerability VCID-r8pv-9upr-y7gd
13
vulnerability VCID-rdgr-yuu7-xkey
14
vulnerability VCID-u4w3-usvb-jyf6
15
vulnerability VCID-v9v6-ae3e-g3hk
16
vulnerability VCID-vevm-4sfk-f7gq
17
vulnerability VCID-wbuz-qcp3-43aq
18
vulnerability VCID-wbvy-zrtk-audw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.0.6
aliases CVE-2020-13668, GHSA-m6q5-wv4x-fv6h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ww44-hb2y-mfd5
67
url VCID-wwvq-399y-rfhc
vulnerability_id VCID-wwvq-399y-rfhc
summary 
Drupal Core Remote Code Execution Vulnerability
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7602
reference_id
reference_type
scores
0
value 0.94385
scoring_system epss
scoring_elements 0.9997
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7602
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7602
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7602
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7602.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7602.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7602.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7602.yaml
5
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-7602
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-7602
7
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7602
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7602
8
reference_url https://www.debian.org/security/2018/dsa-4180
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url https://www.debian.org/security/2018/dsa-4180
9
reference_url https://www.drupal.org/sa-core-2018-004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url https://www.drupal.org/sa-core-2018-004
10
reference_url https://www.exploit-db.com/exploits/44542
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44542
11
reference_url https://www.exploit-db.com/exploits/44542/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url https://www.exploit-db.com/exploits/44542/
12
reference_url https://www.exploit-db.com/exploits/44557
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/44557
13
reference_url https://www.exploit-db.com/exploits/44557/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url https://www.exploit-db.com/exploits/44557/
14
reference_url http://www.securityfocus.com/bid/103985
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url http://www.securityfocus.com/bid/103985
15
reference_url http://www.securitytracker.com/id/1040754
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T12:39:15Z/
url http://www.securitytracker.com/id/1040754
16
reference_url https://security.archlinux.org/ASA-201804-10
reference_id ASA-201804-10
reference_type
scores
url https://security.archlinux.org/ASA-201804-10
17
reference_url https://security.archlinux.org/AVG-679
reference_id AVG-679
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-679
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44557.rb
reference_id CVE-2018-7602
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44557.rb
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44542.txt
reference_id CVE-2018-7602;SA-CORE-2018-004
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44542.txt
24
reference_url https://pastebin.com/pRM8nmwj
reference_id CVE-2018-7602;SA-CORE-2018-004
reference_type exploit
scores
url https://pastebin.com/pRM8nmwj
25
reference_url https://github.com/advisories/GHSA-297x-j9pm-xjgg
reference_id GHSA-297x-j9pm-xjgg
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-297x-j9pm-xjgg
26
reference_url https://usn.ubuntu.com/USN-4773-1/
reference_id USN-USN-4773-1
reference_type
scores
url https://usn.ubuntu.com/USN-4773-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.8
purl pkg:composer/drupal/drupal@8.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-gzcu-sbks-wyfa
13
vulnerability VCID-jfq8-xxwa-mkd1
14
vulnerability VCID-k1gx-nznx-7qd6
15
vulnerability VCID-kh51-g4cv-tqaw
16
vulnerability VCID-mapb-hsvc-2khc
17
vulnerability VCID-n119-gta2-kfg1
18
vulnerability VCID-n7un-zgqv-jfef
19
vulnerability VCID-nd8n-5dsu-2fbp
20
vulnerability VCID-pk74-yy1n-8qck
21
vulnerability VCID-r8pv-9upr-y7gd
22
vulnerability VCID-rhj7-dy7q-jkhw
23
vulnerability VCID-rr4q-f5cv-nkah
24
vulnerability VCID-t84c-8r34-57b9
25
vulnerability VCID-ty3y-k9t2-qyba
26
vulnerability VCID-u1xx-aazv-bkg5
27
vulnerability VCID-u4w3-usvb-jyf6
28
vulnerability VCID-uqcw-p8g2-cfd2
29
vulnerability VCID-utyg-huhu-2ucq
30
vulnerability VCID-vevm-4sfk-f7gq
31
vulnerability VCID-vq5y-hdw3-nucj
32
vulnerability VCID-w3q4-838v-97ck
33
vulnerability VCID-wbuz-qcp3-43aq
34
vulnerability VCID-wbvy-zrtk-audw
35
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.8
1
url pkg:composer/drupal/drupal@8.5.3
purl pkg:composer/drupal/drupal@8.5.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-565p-mgqe-gkfc
3
vulnerability VCID-5tqs-qmqn-gug5
4
vulnerability VCID-636u-5bdw-puh4
5
vulnerability VCID-6ck5-9e5b-w3ay
6
vulnerability VCID-6m8x-cfzp-tkf4
7
vulnerability VCID-8nda-kjr2-ufd4
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-c9dm-17vt-4bbc
10
vulnerability VCID-cucx-jfqf-pkd1
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-djgn-ezxp-37eu
13
vulnerability VCID-gzcu-sbks-wyfa
14
vulnerability VCID-jfq8-xxwa-mkd1
15
vulnerability VCID-k1gx-nznx-7qd6
16
vulnerability VCID-kh51-g4cv-tqaw
17
vulnerability VCID-mapb-hsvc-2khc
18
vulnerability VCID-n119-gta2-kfg1
19
vulnerability VCID-n7un-zgqv-jfef
20
vulnerability VCID-nd8n-5dsu-2fbp
21
vulnerability VCID-pk74-yy1n-8qck
22
vulnerability VCID-r8pv-9upr-y7gd
23
vulnerability VCID-rhj7-dy7q-jkhw
24
vulnerability VCID-rr4q-f5cv-nkah
25
vulnerability VCID-t84c-8r34-57b9
26
vulnerability VCID-ty3y-k9t2-qyba
27
vulnerability VCID-u1xx-aazv-bkg5
28
vulnerability VCID-u4w3-usvb-jyf6
29
vulnerability VCID-uqcw-p8g2-cfd2
30
vulnerability VCID-utyg-huhu-2ucq
31
vulnerability VCID-vevm-4sfk-f7gq
32
vulnerability VCID-vq5y-hdw3-nucj
33
vulnerability VCID-w3q4-838v-97ck
34
vulnerability VCID-wbuz-qcp3-43aq
35
vulnerability VCID-wbvy-zrtk-audw
36
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.3
aliases CVE-2018-7602, GHSA-297x-j9pm-xjgg
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwvq-399y-rfhc
68
url VCID-xumx-m3zz-jkh6
vulnerability_id VCID-xumx-m3zz-jkh6
summary 
Open redirect via double-encoded 'destination' parameter
Open redirect vulnerability in the `drupal_goto` function in Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a double-encoded URL in the `destination` parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3167
reference_id
reference_type
scores
0
value 0.00632
scoring_system epss
scoring_elements 0.7027
published_at 2026-04-01T12:55:00Z
1
value 0.00632
scoring_system epss
scoring_elements 0.70332
published_at 2026-04-13T12:55:00Z
2
value 0.00632
scoring_system epss
scoring_elements 0.70345
published_at 2026-04-12T12:55:00Z
3
value 0.00632
scoring_system epss
scoring_elements 0.7036
published_at 2026-04-11T12:55:00Z
4
value 0.00632
scoring_system epss
scoring_elements 0.70337
published_at 2026-04-09T12:55:00Z
5
value 0.00632
scoring_system epss
scoring_elements 0.70322
published_at 2026-04-08T12:55:00Z
6
value 0.00632
scoring_system epss
scoring_elements 0.70277
published_at 2026-04-07T12:55:00Z
7
value 0.00632
scoring_system epss
scoring_elements 0.703
published_at 2026-04-04T12:55:00Z
8
value 0.00632
scoring_system epss
scoring_elements 0.70283
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3167
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3167.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-3167.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3167.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-3167.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3167
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3167
5
reference_url https://www.drupal.org/SA-CORE-2016-001
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-001
6
reference_url http://www.debian.org/security/2016/dsa-3498
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3498
7
reference_url http://www.openwall.com/lists/oss-security/2016/02/24/19
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/24/19
8
reference_url http://www.openwall.com/lists/oss-security/2016/03/15/10
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/15/10
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta2:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta3:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:beta4:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc1:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc2:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc3:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.0:rc4:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.35:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.36:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.37:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
57
reference_url https://github.com/advisories/GHSA-gxwx-c7m8-f95h
reference_id GHSA-gxwx-c7m8-f95h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gxwx-c7m8-f95h
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.4
purl pkg:composer/drupal/drupal@8.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-d4qd-ut89-gbf4
20
vulnerability VCID-dgjq-y5zj-cud1
21
vulnerability VCID-fm5k-u7s6-wfhb
22
vulnerability VCID-g1rp-twzp-63e1
23
vulnerability VCID-ga35-289v-vqhr
24
vulnerability VCID-gzcu-sbks-wyfa
25
vulnerability VCID-hzr8-ttbu-ebhg
26
vulnerability VCID-jfq8-xxwa-mkd1
27
vulnerability VCID-jnu7-1j9c-dqck
28
vulnerability VCID-k1gx-nznx-7qd6
29
vulnerability VCID-kh51-g4cv-tqaw
30
vulnerability VCID-krhy-kg1b-rfbk
31
vulnerability VCID-mapb-hsvc-2khc
32
vulnerability VCID-n119-gta2-kfg1
33
vulnerability VCID-n7un-zgqv-jfef
34
vulnerability VCID-nc36-atc6-yua6
35
vulnerability VCID-nd8n-5dsu-2fbp
36
vulnerability VCID-pk74-yy1n-8qck
37
vulnerability VCID-r8pv-9upr-y7gd
38
vulnerability VCID-rhj7-dy7q-jkhw
39
vulnerability VCID-rr4q-f5cv-nkah
40
vulnerability VCID-s9kv-9qfu-gbdq
41
vulnerability VCID-sktb-khbq-cuaq
42
vulnerability VCID-t84c-8r34-57b9
43
vulnerability VCID-ty3y-k9t2-qyba
44
vulnerability VCID-u1xx-aazv-bkg5
45
vulnerability VCID-u4w3-usvb-jyf6
46
vulnerability VCID-uqcw-p8g2-cfd2
47
vulnerability VCID-utyg-huhu-2ucq
48
vulnerability VCID-vevm-4sfk-f7gq
49
vulnerability VCID-vq5y-hdw3-nucj
50
vulnerability VCID-vy1y-zkf3-4ue4
51
vulnerability VCID-w3q4-838v-97ck
52
vulnerability VCID-wbuz-qcp3-43aq
53
vulnerability VCID-wbvy-zrtk-audw
54
vulnerability VCID-ww44-hb2y-mfd5
55
vulnerability VCID-wwvq-399y-rfhc
56
vulnerability VCID-y74s-ghyc-2bhs
57
vulnerability VCID-yare-57j9-j7cs
58
vulnerability VCID-ymka-jfep-87gt
59
vulnerability VCID-yrzt-3m97-53ce
60
vulnerability VCID-yty5-zn46-r3dj
61
vulnerability VCID-zawz-vky5-tkgt
62
vulnerability VCID-zvtp-4we3-qygx
63
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.4
aliases CVE-2016-3167, GHSA-gxwx-c7m8-f95h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xumx-m3zz-jkh6
69
url VCID-y74s-ghyc-2bhs
vulnerability_id VCID-y74s-ghyc-2bhs
summary 
Access Bypass
This is a critical access bypass vulnerability in Drupal.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6919
reference_id
reference_type
scores
0
value 0.00598
scoring_system epss
scoring_elements 0.6933
published_at 2026-04-02T12:55:00Z
1
value 0.00598
scoring_system epss
scoring_elements 0.69386
published_at 2026-04-13T12:55:00Z
2
value 0.00598
scoring_system epss
scoring_elements 0.694
published_at 2026-04-12T12:55:00Z
3
value 0.00598
scoring_system epss
scoring_elements 0.69416
published_at 2026-04-11T12:55:00Z
4
value 0.00598
scoring_system epss
scoring_elements 0.69393
published_at 2026-04-09T12:55:00Z
5
value 0.00598
scoring_system epss
scoring_elements 0.69377
published_at 2026-04-08T12:55:00Z
6
value 0.00598
scoring_system epss
scoring_elements 0.69327
published_at 2026-04-07T12:55:00Z
7
value 0.00598
scoring_system epss
scoring_elements 0.69347
published_at 2026-04-04T12:55:00Z
8
value 0.00598
scoring_system epss
scoring_elements 0.69318
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6919
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6919.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6919.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6919.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6919.yaml
4
reference_url https://groups.drupal.org/node/516645
reference_id
reference_type
scores
url https://groups.drupal.org/node/516645
5
reference_url https://www.drupal.org/SA-2017-002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-2017-002
6
reference_url https://www.drupal.org/SA-CORE-2017-002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-002
7
reference_url http://www.securityfocus.com/bid/97941
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97941
8
reference_url http://www.securitytracker.com/id/1038371
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1038371
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.2:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.3:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.4:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.5:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.6:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.2.7:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:alpha1:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:beta1:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc1:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:8.3.0:rc2:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6919
reference_id CVE-2017-6919
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6919
81
reference_url https://github.com/advisories/GHSA-6hpj-9xj7-2jxx
reference_id GHSA-6hpj-9xj7-2jxx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hpj-9xj7-2jxx
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.0-beta1
purl pkg:composer/drupal/drupal@8.1.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-381m-cmnk-ykef
3
vulnerability VCID-3fka-y25d-m7a3
4
vulnerability VCID-3hf4-tvxn-zyh4
5
vulnerability VCID-48ut-ykkc-83fx
6
vulnerability VCID-4aer-46u2-23f6
7
vulnerability VCID-4wwt-vt76-dbe1
8
vulnerability VCID-565p-mgqe-gkfc
9
vulnerability VCID-5tqs-qmqn-gug5
10
vulnerability VCID-636u-5bdw-puh4
11
vulnerability VCID-6ck5-9e5b-w3ay
12
vulnerability VCID-6m8x-cfzp-tkf4
13
vulnerability VCID-8nda-kjr2-ufd4
14
vulnerability VCID-9f24-vqyt-r7dq
15
vulnerability VCID-9vdz-1jpq-kue3
16
vulnerability VCID-bbzr-hbhv-yyee
17
vulnerability VCID-c9dm-17vt-4bbc
18
vulnerability VCID-cucx-jfqf-pkd1
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-yare-57j9-j7cs
56
vulnerability VCID-ymka-jfep-87gt
57
vulnerability VCID-yrzt-3m97-53ce
58
vulnerability VCID-yty5-zn46-r3dj
59
vulnerability VCID-zawz-vky5-tkgt
60
vulnerability VCID-zvtp-4we3-qygx
61
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.0-beta1
1
url pkg:composer/drupal/drupal@8.2.0-beta1
purl pkg:composer/drupal/drupal@8.2.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hzr8-ttbu-ebhg
23
vulnerability VCID-jfq8-xxwa-mkd1
24
vulnerability VCID-jnu7-1j9c-dqck
25
vulnerability VCID-k1gx-nznx-7qd6
26
vulnerability VCID-kh51-g4cv-tqaw
27
vulnerability VCID-krhy-kg1b-rfbk
28
vulnerability VCID-mapb-hsvc-2khc
29
vulnerability VCID-n119-gta2-kfg1
30
vulnerability VCID-n7un-zgqv-jfef
31
vulnerability VCID-nc36-atc6-yua6
32
vulnerability VCID-nd8n-5dsu-2fbp
33
vulnerability VCID-pk74-yy1n-8qck
34
vulnerability VCID-r8pv-9upr-y7gd
35
vulnerability VCID-rhj7-dy7q-jkhw
36
vulnerability VCID-rr4q-f5cv-nkah
37
vulnerability VCID-s9kv-9qfu-gbdq
38
vulnerability VCID-sktb-khbq-cuaq
39
vulnerability VCID-t84c-8r34-57b9
40
vulnerability VCID-ty3y-k9t2-qyba
41
vulnerability VCID-u1xx-aazv-bkg5
42
vulnerability VCID-u4w3-usvb-jyf6
43
vulnerability VCID-uqcw-p8g2-cfd2
44
vulnerability VCID-utyg-huhu-2ucq
45
vulnerability VCID-vevm-4sfk-f7gq
46
vulnerability VCID-vq5y-hdw3-nucj
47
vulnerability VCID-vy1y-zkf3-4ue4
48
vulnerability VCID-w3q4-838v-97ck
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-wbvy-zrtk-audw
51
vulnerability VCID-ww44-hb2y-mfd5
52
vulnerability VCID-wwvq-399y-rfhc
53
vulnerability VCID-yare-57j9-j7cs
54
vulnerability VCID-ymka-jfep-87gt
55
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.0-beta1
2
url pkg:composer/drupal/drupal@8.2.8
purl pkg:composer/drupal/drupal@8.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hzr8-ttbu-ebhg
23
vulnerability VCID-jfq8-xxwa-mkd1
24
vulnerability VCID-jnu7-1j9c-dqck
25
vulnerability VCID-k1gx-nznx-7qd6
26
vulnerability VCID-kh51-g4cv-tqaw
27
vulnerability VCID-krhy-kg1b-rfbk
28
vulnerability VCID-mapb-hsvc-2khc
29
vulnerability VCID-n119-gta2-kfg1
30
vulnerability VCID-n7un-zgqv-jfef
31
vulnerability VCID-nc36-atc6-yua6
32
vulnerability VCID-nd8n-5dsu-2fbp
33
vulnerability VCID-pk74-yy1n-8qck
34
vulnerability VCID-r8pv-9upr-y7gd
35
vulnerability VCID-rhj7-dy7q-jkhw
36
vulnerability VCID-rr4q-f5cv-nkah
37
vulnerability VCID-s9kv-9qfu-gbdq
38
vulnerability VCID-t84c-8r34-57b9
39
vulnerability VCID-ty3y-k9t2-qyba
40
vulnerability VCID-u1xx-aazv-bkg5
41
vulnerability VCID-u4w3-usvb-jyf6
42
vulnerability VCID-uqcw-p8g2-cfd2
43
vulnerability VCID-utyg-huhu-2ucq
44
vulnerability VCID-vevm-4sfk-f7gq
45
vulnerability VCID-vq5y-hdw3-nucj
46
vulnerability VCID-w3q4-838v-97ck
47
vulnerability VCID-wbuz-qcp3-43aq
48
vulnerability VCID-wbvy-zrtk-audw
49
vulnerability VCID-ww44-hb2y-mfd5
50
vulnerability VCID-wwvq-399y-rfhc
51
vulnerability VCID-yare-57j9-j7cs
52
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.8
3
url pkg:composer/drupal/drupal@8.3.1
purl pkg:composer/drupal/drupal@8.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5tqs-qmqn-gug5
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-8nda-kjr2-ufd4
11
vulnerability VCID-9f24-vqyt-r7dq
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-c9dm-17vt-4bbc
15
vulnerability VCID-cucx-jfqf-pkd1
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-g1rp-twzp-63e1
18
vulnerability VCID-ga35-289v-vqhr
19
vulnerability VCID-gzcu-sbks-wyfa
20
vulnerability VCID-hzr8-ttbu-ebhg
21
vulnerability VCID-jfq8-xxwa-mkd1
22
vulnerability VCID-jnu7-1j9c-dqck
23
vulnerability VCID-k1gx-nznx-7qd6
24
vulnerability VCID-kh51-g4cv-tqaw
25
vulnerability VCID-krhy-kg1b-rfbk
26
vulnerability VCID-mapb-hsvc-2khc
27
vulnerability VCID-n119-gta2-kfg1
28
vulnerability VCID-n7un-zgqv-jfef
29
vulnerability VCID-nc36-atc6-yua6
30
vulnerability VCID-nd8n-5dsu-2fbp
31
vulnerability VCID-pk74-yy1n-8qck
32
vulnerability VCID-r8pv-9upr-y7gd
33
vulnerability VCID-rhj7-dy7q-jkhw
34
vulnerability VCID-rr4q-f5cv-nkah
35
vulnerability VCID-s9kv-9qfu-gbdq
36
vulnerability VCID-t84c-8r34-57b9
37
vulnerability VCID-ty3y-k9t2-qyba
38
vulnerability VCID-u1xx-aazv-bkg5
39
vulnerability VCID-u4w3-usvb-jyf6
40
vulnerability VCID-uqcw-p8g2-cfd2
41
vulnerability VCID-utyg-huhu-2ucq
42
vulnerability VCID-vevm-4sfk-f7gq
43
vulnerability VCID-vq5y-hdw3-nucj
44
vulnerability VCID-w3q4-838v-97ck
45
vulnerability VCID-wbuz-qcp3-43aq
46
vulnerability VCID-wbvy-zrtk-audw
47
vulnerability VCID-ww44-hb2y-mfd5
48
vulnerability VCID-wwvq-399y-rfhc
49
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.1
aliases CVE-2017-6919, GHSA-6hpj-9xj7-2jxx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y74s-ghyc-2bhs
70
url VCID-yare-57j9-j7cs
vulnerability_id VCID-yare-57j9-j7cs
summary 
URL Redirection to Untrusted Site (Open Redirect)
Drupal core has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly navigating to an external site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6932
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.595
published_at 2026-04-01T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59614
published_at 2026-04-13T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.59634
published_at 2026-04-12T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.5965
published_at 2026-04-11T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59631
published_at 2026-04-09T12:55:00Z
5
value 0.00383
scoring_system epss
scoring_elements 0.59618
published_at 2026-04-08T12:55:00Z
6
value 0.00383
scoring_system epss
scoring_elements 0.59567
published_at 2026-04-07T12:55:00Z
7
value 0.00383
scoring_system epss
scoring_elements 0.59598
published_at 2026-04-04T12:55:00Z
8
value 0.00383
scoring_system epss
scoring_elements 0.59573
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6932
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6928
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6929
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6932
5
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
6
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6932.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6932.yaml
7
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6932.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6932.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6932
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6932
10
reference_url https://www.debian.org/security/2018/dsa-4123
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4123
11
reference_url https://www.drupal.org/sa-core-2018-001
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2018-001
12
reference_url https://www.drupal.org/SA-CORE-2018-001
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2018-001
13
reference_url https://github.com/advisories/GHSA-wm86-w3cf-h6vm
reference_id GHSA-wm86-w3cf-h6vm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wm86-w3cf-h6vm
fixed_packages
0
url pkg:composer/drupal/drupal@8.4.5
purl pkg:composer/drupal/drupal@8.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-4aer-46u2-23f6
3
vulnerability VCID-565p-mgqe-gkfc
4
vulnerability VCID-5tqs-qmqn-gug5
5
vulnerability VCID-636u-5bdw-puh4
6
vulnerability VCID-6ck5-9e5b-w3ay
7
vulnerability VCID-6m8x-cfzp-tkf4
8
vulnerability VCID-8nda-kjr2-ufd4
9
vulnerability VCID-9vdz-1jpq-kue3
10
vulnerability VCID-bbzr-hbhv-yyee
11
vulnerability VCID-c9dm-17vt-4bbc
12
vulnerability VCID-cucx-jfqf-pkd1
13
vulnerability VCID-dgjq-y5zj-cud1
14
vulnerability VCID-ga35-289v-vqhr
15
vulnerability VCID-gzcu-sbks-wyfa
16
vulnerability VCID-jfq8-xxwa-mkd1
17
vulnerability VCID-k1gx-nznx-7qd6
18
vulnerability VCID-kh51-g4cv-tqaw
19
vulnerability VCID-mapb-hsvc-2khc
20
vulnerability VCID-n119-gta2-kfg1
21
vulnerability VCID-n7un-zgqv-jfef
22
vulnerability VCID-nc36-atc6-yua6
23
vulnerability VCID-nd8n-5dsu-2fbp
24
vulnerability VCID-pk74-yy1n-8qck
25
vulnerability VCID-r8pv-9upr-y7gd
26
vulnerability VCID-rhj7-dy7q-jkhw
27
vulnerability VCID-rr4q-f5cv-nkah
28
vulnerability VCID-t84c-8r34-57b9
29
vulnerability VCID-ty3y-k9t2-qyba
30
vulnerability VCID-u1xx-aazv-bkg5
31
vulnerability VCID-u4w3-usvb-jyf6
32
vulnerability VCID-uqcw-p8g2-cfd2
33
vulnerability VCID-utyg-huhu-2ucq
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vq5y-hdw3-nucj
36
vulnerability VCID-w3q4-838v-97ck
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-wbvy-zrtk-audw
39
vulnerability VCID-ww44-hb2y-mfd5
40
vulnerability VCID-wwvq-399y-rfhc
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.4.5
aliases CVE-2017-6932, GHSA-wm86-w3cf-h6vm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yare-57j9-j7cs
71
url VCID-ymka-jfep-87gt
vulnerability_id VCID-ymka-jfep-87gt
summary 
Missing Authorization
When creating a view, you can optionally use Ajax to update the displayed data via filter parameters. The views subsystem/module did not restrict access to the Ajax endpoint to only views configured to use Ajax. This is mitigated if you have access restrictions on the view. It is best practice to always include some form of access restrictions on all views, even if you are using another module to display them.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6923
reference_id
reference_type
scores
0
value 0.00714
scoring_system epss
scoring_elements 0.72279
published_at 2026-04-01T12:55:00Z
1
value 0.00714
scoring_system epss
scoring_elements 0.72326
published_at 2026-04-13T12:55:00Z
2
value 0.00714
scoring_system epss
scoring_elements 0.72338
published_at 2026-04-12T12:55:00Z
3
value 0.00714
scoring_system epss
scoring_elements 0.72354
published_at 2026-04-11T12:55:00Z
4
value 0.00714
scoring_system epss
scoring_elements 0.72331
published_at 2026-04-09T12:55:00Z
5
value 0.00714
scoring_system epss
scoring_elements 0.72319
published_at 2026-04-08T12:55:00Z
6
value 0.00714
scoring_system epss
scoring_elements 0.7228
published_at 2026-04-07T12:55:00Z
7
value 0.00714
scoring_system epss
scoring_elements 0.72304
published_at 2026-04-04T12:55:00Z
8
value 0.00714
scoring_system epss
scoring_elements 0.72285
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6923
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6923.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2017-6923.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6923.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2017-6923.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-6923
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-6923
4
reference_url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-08-16/drupal-core-multiple
5
reference_url https://www.drupal.org/SA-CORE-2017-004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2017-004
6
reference_url http://www.securityfocus.com/bid/100368
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/100368
7
reference_url http://www.securitytracker.com/id/1039200
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1039200
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
9
reference_url https://github.com/advisories/GHSA-v3f6-f29f-rgvp
reference_id GHSA-v3f6-f29f-rgvp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v3f6-f29f-rgvp
fixed_packages
0
url pkg:composer/drupal/drupal@8.3.0
purl pkg:composer/drupal/drupal@8.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-3hf4-tvxn-zyh4
3
vulnerability VCID-48ut-ykkc-83fx
4
vulnerability VCID-4aer-46u2-23f6
5
vulnerability VCID-565p-mgqe-gkfc
6
vulnerability VCID-5tqs-qmqn-gug5
7
vulnerability VCID-636u-5bdw-puh4
8
vulnerability VCID-6ck5-9e5b-w3ay
9
vulnerability VCID-6m8x-cfzp-tkf4
10
vulnerability VCID-8nda-kjr2-ufd4
11
vulnerability VCID-9f24-vqyt-r7dq
12
vulnerability VCID-9vdz-1jpq-kue3
13
vulnerability VCID-bbzr-hbhv-yyee
14
vulnerability VCID-c9dm-17vt-4bbc
15
vulnerability VCID-cucx-jfqf-pkd1
16
vulnerability VCID-dgjq-y5zj-cud1
17
vulnerability VCID-g1rp-twzp-63e1
18
vulnerability VCID-ga35-289v-vqhr
19
vulnerability VCID-gzcu-sbks-wyfa
20
vulnerability VCID-hzr8-ttbu-ebhg
21
vulnerability VCID-jfq8-xxwa-mkd1
22
vulnerability VCID-jnu7-1j9c-dqck
23
vulnerability VCID-k1gx-nznx-7qd6
24
vulnerability VCID-kh51-g4cv-tqaw
25
vulnerability VCID-krhy-kg1b-rfbk
26
vulnerability VCID-mapb-hsvc-2khc
27
vulnerability VCID-n119-gta2-kfg1
28
vulnerability VCID-n7un-zgqv-jfef
29
vulnerability VCID-nc36-atc6-yua6
30
vulnerability VCID-nd8n-5dsu-2fbp
31
vulnerability VCID-pk74-yy1n-8qck
32
vulnerability VCID-r8pv-9upr-y7gd
33
vulnerability VCID-rhj7-dy7q-jkhw
34
vulnerability VCID-rr4q-f5cv-nkah
35
vulnerability VCID-s9kv-9qfu-gbdq
36
vulnerability VCID-t84c-8r34-57b9
37
vulnerability VCID-ty3y-k9t2-qyba
38
vulnerability VCID-u1xx-aazv-bkg5
39
vulnerability VCID-u4w3-usvb-jyf6
40
vulnerability VCID-uqcw-p8g2-cfd2
41
vulnerability VCID-utyg-huhu-2ucq
42
vulnerability VCID-vevm-4sfk-f7gq
43
vulnerability VCID-vq5y-hdw3-nucj
44
vulnerability VCID-w3q4-838v-97ck
45
vulnerability VCID-wbuz-qcp3-43aq
46
vulnerability VCID-wbvy-zrtk-audw
47
vulnerability VCID-ww44-hb2y-mfd5
48
vulnerability VCID-wwvq-399y-rfhc
49
vulnerability VCID-y74s-ghyc-2bhs
50
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.0
1
url pkg:composer/drupal/drupal@8.3.7
purl pkg:composer/drupal/drupal@8.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-3fka-y25d-m7a3
2
vulnerability VCID-48ut-ykkc-83fx
3
vulnerability VCID-4aer-46u2-23f6
4
vulnerability VCID-565p-mgqe-gkfc
5
vulnerability VCID-5tqs-qmqn-gug5
6
vulnerability VCID-636u-5bdw-puh4
7
vulnerability VCID-6ck5-9e5b-w3ay
8
vulnerability VCID-6m8x-cfzp-tkf4
9
vulnerability VCID-8nda-kjr2-ufd4
10
vulnerability VCID-9f24-vqyt-r7dq
11
vulnerability VCID-9vdz-1jpq-kue3
12
vulnerability VCID-bbzr-hbhv-yyee
13
vulnerability VCID-c9dm-17vt-4bbc
14
vulnerability VCID-cucx-jfqf-pkd1
15
vulnerability VCID-dgjq-y5zj-cud1
16
vulnerability VCID-g1rp-twzp-63e1
17
vulnerability VCID-ga35-289v-vqhr
18
vulnerability VCID-gzcu-sbks-wyfa
19
vulnerability VCID-jfq8-xxwa-mkd1
20
vulnerability VCID-jnu7-1j9c-dqck
21
vulnerability VCID-k1gx-nznx-7qd6
22
vulnerability VCID-kh51-g4cv-tqaw
23
vulnerability VCID-mapb-hsvc-2khc
24
vulnerability VCID-n119-gta2-kfg1
25
vulnerability VCID-n7un-zgqv-jfef
26
vulnerability VCID-nc36-atc6-yua6
27
vulnerability VCID-nd8n-5dsu-2fbp
28
vulnerability VCID-pk74-yy1n-8qck
29
vulnerability VCID-r8pv-9upr-y7gd
30
vulnerability VCID-rhj7-dy7q-jkhw
31
vulnerability VCID-rr4q-f5cv-nkah
32
vulnerability VCID-s9kv-9qfu-gbdq
33
vulnerability VCID-t84c-8r34-57b9
34
vulnerability VCID-ty3y-k9t2-qyba
35
vulnerability VCID-u1xx-aazv-bkg5
36
vulnerability VCID-u4w3-usvb-jyf6
37
vulnerability VCID-uqcw-p8g2-cfd2
38
vulnerability VCID-utyg-huhu-2ucq
39
vulnerability VCID-vevm-4sfk-f7gq
40
vulnerability VCID-vq5y-hdw3-nucj
41
vulnerability VCID-w3q4-838v-97ck
42
vulnerability VCID-wbuz-qcp3-43aq
43
vulnerability VCID-wbvy-zrtk-audw
44
vulnerability VCID-ww44-hb2y-mfd5
45
vulnerability VCID-wwvq-399y-rfhc
46
vulnerability VCID-yare-57j9-j7cs
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.3.7
aliases CVE-2017-6923, GHSA-v3f6-f29f-rgvp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymka-jfep-87gt
72
url VCID-yrzt-3m97-53ce
vulnerability_id VCID-yrzt-3m97-53ce
summary 
Unprivileged access to taxonomy terms
Modules wishing to restrict access to taxonomy terms may be incompatible with queries generated both by Drupal core as well as those generated by contributed modules like Entity Reference. As a result, information on taxonomy terms may be disclosed to unprivileged users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9449
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.44037
published_at 2026-04-02T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.44011
published_at 2026-04-13T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44027
published_at 2026-04-12T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.44045
published_at 2026-04-09T12:55:00Z
4
value 0.00215
scoring_system epss
scoring_elements 0.4406
published_at 2026-04-11T12:55:00Z
5
value 0.00215
scoring_system epss
scoring_elements 0.43989
published_at 2026-04-01T12:55:00Z
6
value 0.00215
scoring_system epss
scoring_elements 0.44042
published_at 2026-04-08T12:55:00Z
7
value 0.00215
scoring_system epss
scoring_elements 0.43991
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9449
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9449
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9451
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9451
3
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9449.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-9449.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9449.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-9449.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9449
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9449
7
reference_url https://www.drupal.org/SA-CORE-2016-005
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-005
8
reference_url http://www.debian.org/security/2016/dsa-3718
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3718
9
reference_url http://www.securityfocus.com/bid/94367
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/94367
10
reference_url https://security.archlinux.org/ASA-201611-20
reference_id ASA-201611-20
reference_type
scores
url https://security.archlinux.org/ASA-201611-20
11
reference_url https://security.archlinux.org/AVG-74
reference_id AVG-74
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-74
12
reference_url https://github.com/advisories/GHSA-p745-347h-hjfw
reference_id GHSA-p745-347h-hjfw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p745-347h-hjfw
fixed_packages
0
url pkg:composer/drupal/drupal@8.2.3
purl pkg:composer/drupal/drupal@8.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-dgjq-y5zj-cud1
18
vulnerability VCID-fm5k-u7s6-wfhb
19
vulnerability VCID-g1rp-twzp-63e1
20
vulnerability VCID-ga35-289v-vqhr
21
vulnerability VCID-gzcu-sbks-wyfa
22
vulnerability VCID-hpsp-5qtj-v7dq
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-m1ur-bb9m-m7d5
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-w3q4-838v-97ck
49
vulnerability VCID-wbuz-qcp3-43aq
50
vulnerability VCID-wbvy-zrtk-audw
51
vulnerability VCID-ww44-hb2y-mfd5
52
vulnerability VCID-wwvq-399y-rfhc
53
vulnerability VCID-y74s-ghyc-2bhs
54
vulnerability VCID-yare-57j9-j7cs
55
vulnerability VCID-ymka-jfep-87gt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.2.3
aliases CVE-2016-9449, GHSA-p745-347h-hjfw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrzt-3m97-53ce
73
url VCID-yty5-zn46-r3dj
vulnerability_id VCID-yty5-zn46-r3dj
summary 
Unprivileged access to "Administer comments"
Users who have rights to edit a node can set the visibility on comments for that node. This should be restricted to those who have the administer comments permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7570
reference_id
reference_type
scores
0
value 0.00345
scoring_system epss
scoring_elements 0.57006
published_at 2026-04-01T12:55:00Z
1
value 0.00345
scoring_system epss
scoring_elements 0.57143
published_at 2026-04-12T12:55:00Z
2
value 0.00345
scoring_system epss
scoring_elements 0.57164
published_at 2026-04-11T12:55:00Z
3
value 0.00345
scoring_system epss
scoring_elements 0.57152
published_at 2026-04-09T12:55:00Z
4
value 0.00345
scoring_system epss
scoring_elements 0.5715
published_at 2026-04-08T12:55:00Z
5
value 0.00345
scoring_system epss
scoring_elements 0.57099
published_at 2026-04-07T12:55:00Z
6
value 0.00345
scoring_system epss
scoring_elements 0.57123
published_at 2026-04-13T12:55:00Z
7
value 0.00345
scoring_system epss
scoring_elements 0.571
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7570
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7570.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7570.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7570.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7570.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7570
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7570
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-6g9h-6v79-w4pc
reference_id GHSA-6g9h-6v79-w4pc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6g9h-6v79-w4pc
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.10
purl pkg:composer/drupal/drupal@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-d4qd-ut89-gbf4
18
vulnerability VCID-dgjq-y5zj-cud1
19
vulnerability VCID-fm5k-u7s6-wfhb
20
vulnerability VCID-g1rp-twzp-63e1
21
vulnerability VCID-ga35-289v-vqhr
22
vulnerability VCID-gzcu-sbks-wyfa
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-mapb-hsvc-2khc
30
vulnerability VCID-n119-gta2-kfg1
31
vulnerability VCID-n7un-zgqv-jfef
32
vulnerability VCID-nc36-atc6-yua6
33
vulnerability VCID-nd8n-5dsu-2fbp
34
vulnerability VCID-pk74-yy1n-8qck
35
vulnerability VCID-r8pv-9upr-y7gd
36
vulnerability VCID-rhj7-dy7q-jkhw
37
vulnerability VCID-rr4q-f5cv-nkah
38
vulnerability VCID-s9kv-9qfu-gbdq
39
vulnerability VCID-sktb-khbq-cuaq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-vy1y-zkf3-4ue4
49
vulnerability VCID-w3q4-838v-97ck
50
vulnerability VCID-wbuz-qcp3-43aq
51
vulnerability VCID-wbvy-zrtk-audw
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-y74s-ghyc-2bhs
55
vulnerability VCID-yare-57j9-j7cs
56
vulnerability VCID-ymka-jfep-87gt
57
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.10
aliases CVE-2016-7570, GHSA-6g9h-6v79-w4pc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yty5-zn46-r3dj
74
url VCID-zawz-vky5-tkgt
vulnerability_id VCID-zawz-vky5-tkgt
summary 
Improper Access Control
PHP does not attempt to address RFC section namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the `HTTP_PROXY` environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an `httpoxy` issue.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1609.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1609.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1610.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1610.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1611.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1611.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1612.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1612.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1613.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1613.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5385.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5385.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5385
reference_id
reference_type
scores
0
value 0.81346
scoring_system epss
scoring_elements 0.99162
published_at 2026-04-01T12:55:00Z
1
value 0.81346
scoring_system epss
scoring_elements 0.9917
published_at 2026-04-12T12:55:00Z
2
value 0.81346
scoring_system epss
scoring_elements 0.99168
published_at 2026-04-07T12:55:00Z
3
value 0.81346
scoring_system epss
scoring_elements 0.99169
published_at 2026-04-13T12:55:00Z
4
value 0.81346
scoring_system epss
scoring_elements 0.99163
published_at 2026-04-02T12:55:00Z
5
value 0.81346
scoring_system epss
scoring_elements 0.99165
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5385
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1353794
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1353794
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297
19
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
20
reference_url https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97
reference_id
reference_type
scores
url https://github.com/amphp/artax/commit/81254742812a5a9adf4b085f543f3f21daedcd97
21
reference_url https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9
reference_id
reference_type
scores
url https://github.com/amphp/artax/commit/b60cf493c9e577a3678865f620b1eb61ab3d7ca9
22
reference_url https://github.com/bugsnag/bugsnag-laravel/pull/143
reference_id
reference_type
scores
url https://github.com/bugsnag/bugsnag-laravel/pull/143
23
reference_url https://github.com/bugsnag/bugsnag-laravel/pull/145
reference_id
reference_type
scores
url https://github.com/bugsnag/bugsnag-laravel/pull/145
24
reference_url https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2
reference_id
reference_type
scores
url https://github.com/bugsnag/bugsnag-laravel/releases/tag/v2.0.2
25
reference_url https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18
reference_id
reference_type
scores
url https://github.com/guzzle/guzzle/blob/4.x/CHANGELOG.md#424-2016-07-18
26
reference_url https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18
reference_id
reference_type
scores
url https://github.com/guzzle/guzzle/blob/5.3/CHANGELOG.md#531---2016-07-18
27
reference_url https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08
reference_id
reference_type
scores
url https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md#622---2016-10-08
28
reference_url https://github.com/guzzle/guzzle/releases/tag/6.2.1
reference_id
reference_type
scores
url https://github.com/guzzle/guzzle/releases/tag/6.2.1
29
reference_url https://github.com/humbug/file_get_contents/pull/23
reference_id
reference_type
scores
url https://github.com/humbug/file_get_contents/pull/23
30
reference_url https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5
reference_id
reference_type
scores
url https://github.com/humbug/file_get_contents/pull/23/commits/848e8c282a863654e76bd958acfb57c81cb739b5
31
reference_url https://github.com/humbug/file_get_contents/releases/tag/1.1.2
reference_id
reference_type
scores
url https://github.com/humbug/file_get_contents/releases/tag/1.1.2
32
reference_url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
33
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
34
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297
35
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
36
reference_url https://httpoxy.org/
reference_id
reference_type
scores
url https://httpoxy.org/
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
42
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
43
reference_url https://security.gentoo.org/glsa/201611-22
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/201611-22
44
reference_url https://twitter.com/asyncphp/status/755136084917583872
reference_id
reference_type
scores
url https://twitter.com/asyncphp/status/755136084917583872
45
reference_url https://typo3.org/security/advisory/typo3-core-sa-2016-019
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2016-019
46
reference_url https://www.drupal.org/SA-CORE-2016-003
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2016-003
47
reference_url http://www.debian.org/security/2016/dsa-3631
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3631
48
reference_url http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/797896
49
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
50
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
51
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
52
reference_url http://www.securityfocus.com/bid/91821
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91821
53
reference_url http://www.securitytracker.com/id/1036335
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036335
54
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5385
reference_id CVE-2016-5385
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-5385
55
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/artax/CVE-2016-5385.yaml
56
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/bugsnag/bugsnag-laravel/CVE-2016-5385.yaml
57
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-5385.yaml
58
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-5385.yaml
59
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/guzzle/CVE-2016-5385.yaml
60
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/padraic/humbug_get_contents/CVE-2016-5385.yaml
61
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml
reference_id CVE-2016-5385.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2016-5385.yaml
62
reference_url https://github.com/advisories/GHSA-m6ch-gg5f-wxx3
reference_id GHSA-m6ch-gg5f-wxx3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m6ch-gg5f-wxx3
63
reference_url https://access.redhat.com/errata/RHSA-2016:1609
reference_id RHSA-2016:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1609
64
reference_url https://access.redhat.com/errata/RHSA-2016:1610
reference_id RHSA-2016:1610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1610
65
reference_url https://access.redhat.com/errata/RHSA-2016:1611
reference_id RHSA-2016:1611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1611
66
reference_url https://access.redhat.com/errata/RHSA-2016:1612
reference_id RHSA-2016:1612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1612
67
reference_url https://access.redhat.com/errata/RHSA-2016:1613
reference_id RHSA-2016:1613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1613
68
reference_url https://usn.ubuntu.com/3045-1/
reference_id USN-3045-1
reference_type
scores
url https://usn.ubuntu.com/3045-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.0
purl pkg:composer/drupal/drupal@8.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-4wwt-vt76-dbe1
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5tqs-qmqn-gug5
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-8nda-kjr2-ufd4
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-c9dm-17vt-4bbc
17
vulnerability VCID-cucx-jfqf-pkd1
18
vulnerability VCID-d4qd-ut89-gbf4
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
59
vulnerability VCID-yty5-zn46-r3dj
60
vulnerability VCID-zvtp-4we3-qygx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.0
1
url pkg:composer/drupal/drupal@8.1.7
purl pkg:composer/drupal/drupal@8.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-4wwt-vt76-dbe1
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5tqs-qmqn-gug5
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-8nda-kjr2-ufd4
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-c9dm-17vt-4bbc
17
vulnerability VCID-cucx-jfqf-pkd1
18
vulnerability VCID-d4qd-ut89-gbf4
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
59
vulnerability VCID-yty5-zn46-r3dj
60
vulnerability VCID-zvtp-4we3-qygx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.7
aliases CVE-2016-5385, GHSA-m6ch-gg5f-wxx3
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zawz-vky5-tkgt
75
url VCID-zvtp-4we3-qygx
vulnerability_id VCID-zvtp-4we3-qygx
summary 
Unprivileged access to config export
The `system.temporary` route allows the download of a full config export. The full config export should be limited to those with "Export configuration" permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7572
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48545
published_at 2026-04-02T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48577
published_at 2026-04-13T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48564
published_at 2026-04-12T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48591
published_at 2026-04-11T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48568
published_at 2026-04-04T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.4851
published_at 2026-04-01T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.4857
published_at 2026-04-09T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48574
published_at 2026-04-08T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.4852
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7572
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7572.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-7572.yaml
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7572.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-7572.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7572
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7572
5
reference_url https://www.drupal.org/SA-CORE-2016-004
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-004
6
reference_url http://www.securityfocus.com/bid/93101
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/93101
7
reference_url http://www.securitytracker.com/id/1036886
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1036886
8
reference_url https://github.com/advisories/GHSA-fmqh-2j2x-vgp3
reference_id GHSA-fmqh-2j2x-vgp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fmqh-2j2x-vgp3
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.10
purl pkg:composer/drupal/drupal@8.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-565p-mgqe-gkfc
7
vulnerability VCID-5tqs-qmqn-gug5
8
vulnerability VCID-636u-5bdw-puh4
9
vulnerability VCID-6ck5-9e5b-w3ay
10
vulnerability VCID-6m8x-cfzp-tkf4
11
vulnerability VCID-8nda-kjr2-ufd4
12
vulnerability VCID-9f24-vqyt-r7dq
13
vulnerability VCID-9vdz-1jpq-kue3
14
vulnerability VCID-bbzr-hbhv-yyee
15
vulnerability VCID-c9dm-17vt-4bbc
16
vulnerability VCID-cucx-jfqf-pkd1
17
vulnerability VCID-d4qd-ut89-gbf4
18
vulnerability VCID-dgjq-y5zj-cud1
19
vulnerability VCID-fm5k-u7s6-wfhb
20
vulnerability VCID-g1rp-twzp-63e1
21
vulnerability VCID-ga35-289v-vqhr
22
vulnerability VCID-gzcu-sbks-wyfa
23
vulnerability VCID-hzr8-ttbu-ebhg
24
vulnerability VCID-jfq8-xxwa-mkd1
25
vulnerability VCID-jnu7-1j9c-dqck
26
vulnerability VCID-k1gx-nznx-7qd6
27
vulnerability VCID-kh51-g4cv-tqaw
28
vulnerability VCID-krhy-kg1b-rfbk
29
vulnerability VCID-mapb-hsvc-2khc
30
vulnerability VCID-n119-gta2-kfg1
31
vulnerability VCID-n7un-zgqv-jfef
32
vulnerability VCID-nc36-atc6-yua6
33
vulnerability VCID-nd8n-5dsu-2fbp
34
vulnerability VCID-pk74-yy1n-8qck
35
vulnerability VCID-r8pv-9upr-y7gd
36
vulnerability VCID-rhj7-dy7q-jkhw
37
vulnerability VCID-rr4q-f5cv-nkah
38
vulnerability VCID-s9kv-9qfu-gbdq
39
vulnerability VCID-sktb-khbq-cuaq
40
vulnerability VCID-t84c-8r34-57b9
41
vulnerability VCID-ty3y-k9t2-qyba
42
vulnerability VCID-u1xx-aazv-bkg5
43
vulnerability VCID-u4w3-usvb-jyf6
44
vulnerability VCID-uqcw-p8g2-cfd2
45
vulnerability VCID-utyg-huhu-2ucq
46
vulnerability VCID-vevm-4sfk-f7gq
47
vulnerability VCID-vq5y-hdw3-nucj
48
vulnerability VCID-vy1y-zkf3-4ue4
49
vulnerability VCID-w3q4-838v-97ck
50
vulnerability VCID-wbuz-qcp3-43aq
51
vulnerability VCID-wbvy-zrtk-audw
52
vulnerability VCID-ww44-hb2y-mfd5
53
vulnerability VCID-wwvq-399y-rfhc
54
vulnerability VCID-y74s-ghyc-2bhs
55
vulnerability VCID-yare-57j9-j7cs
56
vulnerability VCID-ymka-jfep-87gt
57
vulnerability VCID-yrzt-3m97-53ce
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.10
aliases CVE-2016-7572, GHSA-fmqh-2j2x-vgp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zvtp-4we3-qygx
76
url VCID-zxqc-67jp-uba7
vulnerability_id VCID-zxqc-67jp-uba7
summary 
Saving user accounts can sometimes grant the user all roles
The User module in Drupal allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6211
reference_id
reference_type
scores
0
value 0.01128
scoring_system epss
scoring_elements 0.7825
published_at 2026-04-02T12:55:00Z
1
value 0.01128
scoring_system epss
scoring_elements 0.78299
published_at 2026-04-13T12:55:00Z
2
value 0.01128
scoring_system epss
scoring_elements 0.78304
published_at 2026-04-12T12:55:00Z
3
value 0.01128
scoring_system epss
scoring_elements 0.78321
published_at 2026-04-11T12:55:00Z
4
value 0.01128
scoring_system epss
scoring_elements 0.78295
published_at 2026-04-09T12:55:00Z
5
value 0.01128
scoring_system epss
scoring_elements 0.78289
published_at 2026-04-08T12:55:00Z
6
value 0.01128
scoring_system epss
scoring_elements 0.78263
published_at 2026-04-07T12:55:00Z
7
value 0.01128
scoring_system epss
scoring_elements 0.78281
published_at 2026-04-04T12:55:00Z
8
value 0.01128
scoring_system epss
scoring_elements 0.78242
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6211
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6211
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6211.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2016-6211.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6211.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2016-6211.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6211
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6211
6
reference_url https://www.drupal.org/SA-CORE-2016-002
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/SA-CORE-2016-002
7
reference_url http://www.debian.org/security/2016/dsa-3604
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3604
8
reference_url http://www.openwall.com/lists/oss-security/2016/07/13/4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/07/13/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/07/13/7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/07/13/7
10
reference_url http://www.securityfocus.com/bid/91230
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/91230
11
reference_url https://github.com/advisories/GHSA-frqf-9qr4-6vxf
reference_id GHSA-frqf-9qr4-6vxf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frqf-9qr4-6vxf
fixed_packages
0
url pkg:composer/drupal/drupal@8.1.0
purl pkg:composer/drupal/drupal@8.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-349d-w26k-mqfw
2
vulnerability VCID-3fka-y25d-m7a3
3
vulnerability VCID-3hf4-tvxn-zyh4
4
vulnerability VCID-48ut-ykkc-83fx
5
vulnerability VCID-4aer-46u2-23f6
6
vulnerability VCID-4wwt-vt76-dbe1
7
vulnerability VCID-565p-mgqe-gkfc
8
vulnerability VCID-5tqs-qmqn-gug5
9
vulnerability VCID-636u-5bdw-puh4
10
vulnerability VCID-6ck5-9e5b-w3ay
11
vulnerability VCID-6m8x-cfzp-tkf4
12
vulnerability VCID-8nda-kjr2-ufd4
13
vulnerability VCID-9f24-vqyt-r7dq
14
vulnerability VCID-9vdz-1jpq-kue3
15
vulnerability VCID-bbzr-hbhv-yyee
16
vulnerability VCID-c9dm-17vt-4bbc
17
vulnerability VCID-cucx-jfqf-pkd1
18
vulnerability VCID-d4qd-ut89-gbf4
19
vulnerability VCID-dgjq-y5zj-cud1
20
vulnerability VCID-fm5k-u7s6-wfhb
21
vulnerability VCID-g1rp-twzp-63e1
22
vulnerability VCID-ga35-289v-vqhr
23
vulnerability VCID-gzcu-sbks-wyfa
24
vulnerability VCID-hzr8-ttbu-ebhg
25
vulnerability VCID-jfq8-xxwa-mkd1
26
vulnerability VCID-jnu7-1j9c-dqck
27
vulnerability VCID-k1gx-nznx-7qd6
28
vulnerability VCID-kh51-g4cv-tqaw
29
vulnerability VCID-krhy-kg1b-rfbk
30
vulnerability VCID-mapb-hsvc-2khc
31
vulnerability VCID-n119-gta2-kfg1
32
vulnerability VCID-n7un-zgqv-jfef
33
vulnerability VCID-nc36-atc6-yua6
34
vulnerability VCID-nd8n-5dsu-2fbp
35
vulnerability VCID-pk74-yy1n-8qck
36
vulnerability VCID-r8pv-9upr-y7gd
37
vulnerability VCID-rhj7-dy7q-jkhw
38
vulnerability VCID-rr4q-f5cv-nkah
39
vulnerability VCID-s9kv-9qfu-gbdq
40
vulnerability VCID-sktb-khbq-cuaq
41
vulnerability VCID-t84c-8r34-57b9
42
vulnerability VCID-ty3y-k9t2-qyba
43
vulnerability VCID-u1xx-aazv-bkg5
44
vulnerability VCID-u4w3-usvb-jyf6
45
vulnerability VCID-uqcw-p8g2-cfd2
46
vulnerability VCID-utyg-huhu-2ucq
47
vulnerability VCID-vevm-4sfk-f7gq
48
vulnerability VCID-vq5y-hdw3-nucj
49
vulnerability VCID-vy1y-zkf3-4ue4
50
vulnerability VCID-w3q4-838v-97ck
51
vulnerability VCID-wbuz-qcp3-43aq
52
vulnerability VCID-wbvy-zrtk-audw
53
vulnerability VCID-ww44-hb2y-mfd5
54
vulnerability VCID-wwvq-399y-rfhc
55
vulnerability VCID-y74s-ghyc-2bhs
56
vulnerability VCID-yare-57j9-j7cs
57
vulnerability VCID-ymka-jfep-87gt
58
vulnerability VCID-yrzt-3m97-53ce
59
vulnerability VCID-yty5-zn46-r3dj
60
vulnerability VCID-zvtp-4we3-qygx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.1.0
aliases CVE-2016-6211, GHSA-frqf-9qr4-6vxf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zxqc-67jp-uba7
Fixing_vulnerabilities
0
url VCID-5618-53yg-8qh4
vulnerability_id VCID-5618-53yg-8qh4
summary 
Potential XSS vulnerability in jQuery
### Impact
Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.

### Patches
This problem is patched in jQuery 3.5.0.

### Workarounds
To workaround the issue without upgrading, adding the following to your code:

```js
jQuery.htmlPrefilter = function( html ) {
	return html;
};
```

You need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.

### References
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://jquery.com/upgrade-guide/3.5/

### For more information
If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
3
reference_url http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11022.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11022
reference_id
reference_type
scores
0
value 0.02136
scoring_system epss
scoring_elements 0.84198
published_at 2026-04-12T12:55:00Z
1
value 0.02136
scoring_system epss
scoring_elements 0.84185
published_at 2026-04-09T12:55:00Z
2
value 0.02136
scoring_system epss
scoring_elements 0.84179
published_at 2026-04-08T12:55:00Z
3
value 0.02136
scoring_system epss
scoring_elements 0.84157
published_at 2026-04-07T12:55:00Z
4
value 0.02136
scoring_system epss
scoring_elements 0.84155
published_at 2026-04-04T12:55:00Z
5
value 0.02136
scoring_system epss
scoring_elements 0.84203
published_at 2026-04-11T12:55:00Z
6
value 0.02136
scoring_system epss
scoring_elements 0.84194
published_at 2026-04-13T12:55:00Z
7
value 0.03251
scoring_system epss
scoring_elements 0.87068
published_at 2026-04-01T12:55:00Z
8
value 0.03251
scoring_system epss
scoring_elements 0.87079
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11022
6
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
7
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
reference_id
reference_type
scores
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
11
reference_url http://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.netapp.com/advisory/ntap-20200511-0006
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/advisories/GHSA-gxr4-xjj5-5px2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gxr4-xjj5-5px2
14
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
15
reference_url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
16
reference_url https://github.com/jquery/jquery/releases/tag/3.5.0
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/releases/tag/3.5.0
17
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3
scoring_elements
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
18
reference_url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
19
reference_url https://github.com/maximebf/php-debugbar/issues/447
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/issues/447
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml
21
reference_url https://jquery.com/upgrade-guide/3.5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jquery.com/upgrade-guide/3.5
22
reference_url https://jquery.com/upgrade-guide/3.5/
reference_id
reference_type
scores
url https://jquery.com/upgrade-guide/3.5/
23
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
34
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
35
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W
41
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
42
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
43
reference_url https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11022
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11022
45
reference_url https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html
46
reference_url https://security.gentoo.org/glsa/202007-03
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202007-03
47
reference_url https://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200511-0006
48
reference_url https://www.debian.org/security/2020/dsa-4693
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4693
49
reference_url https://www.drupal.org/sa-core-2020-002
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2020-002
50
reference_url https://www.npmjs.com/advisories/1518
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1518
51
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
52
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
53
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
54
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
55
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
56
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
57
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
58
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
59
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
60
reference_url https://www.tenable.com/security/tns-2020-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2020-10
61
reference_url https://www.tenable.com/security/tns-2020-11
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2020-11
62
reference_url https://www.tenable.com/security/tns-2021-02
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-02
63
reference_url https://www.tenable.com/security/tns-2021-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2021-10
64
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1828406
reference_id 1828406
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1828406
65
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt
reference_id CVE-2020-11022
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49766.txt
66
reference_url https://access.redhat.com/errata/RHSA-2020:2217
reference_id RHSA-2020:2217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2217
67
reference_url https://access.redhat.com/errata/RHSA-2020:2362
reference_id RHSA-2020:2362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2362
68
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
69
reference_url https://access.redhat.com/errata/RHSA-2020:2813
reference_id RHSA-2020:2813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2813
70
reference_url https://access.redhat.com/errata/RHSA-2020:3247
reference_id RHSA-2020:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3247
71
reference_url https://access.redhat.com/errata/RHSA-2020:3807
reference_id RHSA-2020:3807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3807
72
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
73
reference_url https://access.redhat.com/errata/RHSA-2020:4211
reference_id RHSA-2020:4211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4211
74
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
75
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
76
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
77
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
78
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
79
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
80
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
81
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
82
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
83
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
84
reference_url https://usn.ubuntu.com/7246-1/
reference_id USN-7246-1
reference_type
scores
url https://usn.ubuntu.com/7246-1/
85
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
86
reference_url https://usn.ubuntu.com/7658-1/
reference_id USN-7658-1
reference_type
scores
url https://usn.ubuntu.com/7658-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
1
url pkg:composer/drupal/drupal@8.7.14
purl pkg:composer/drupal/drupal@8.7.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ck5-9e5b-w3ay
1
vulnerability VCID-6m8x-cfzp-tkf4
2
vulnerability VCID-bbzr-hbhv-yyee
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-k1gx-nznx-7qd6
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n119-gta2-kfg1
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-uqcw-p8g2-cfd2
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
13
vulnerability VCID-wbvy-zrtk-audw
14
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.14
2
url pkg:composer/drupal/drupal@8.8.0-alpha1
purl pkg:composer/drupal/drupal@8.8.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ck5-9e5b-w3ay
1
vulnerability VCID-6m8x-cfzp-tkf4
2
vulnerability VCID-bbzr-hbhv-yyee
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-k1gx-nznx-7qd6
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n119-gta2-kfg1
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-uqcw-p8g2-cfd2
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
13
vulnerability VCID-wbvy-zrtk-audw
14
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.0-alpha1
3
url pkg:composer/drupal/drupal@8.8.6
purl pkg:composer/drupal/drupal@8.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-mhk6-9qdy-83f3
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-q4qx-7s1y-q3hc
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-rdgr-yuu7-xkey
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-v9v6-ae3e-g3hk
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.6
4
url pkg:composer/drupal/drupal@8.9.0-beta1
purl pkg:composer/drupal/drupal@8.9.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-mapb-hsvc-2khc
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-q4qx-7s1y-q3hc
9
vulnerability VCID-r8pv-9upr-y7gd
10
vulnerability VCID-rdgr-yuu7-xkey
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-vevm-4sfk-f7gq
13
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.0-beta1
aliases CVE-2020-11022, GHSA-gxr4-xjj5-5px2
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5618-53yg-8qh4
1
url VCID-8b29-85h4-zkhc
vulnerability_id VCID-8b29-85h4-zkhc
summary 
Drupal SQL Injection vulnerability
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2715
reference_id
reference_type
scores
0
value 0.00615
scoring_system epss
scoring_elements 0.69882
published_at 2026-04-13T12:55:00Z
1
value 0.00615
scoring_system epss
scoring_elements 0.6982
published_at 2026-04-01T12:55:00Z
2
value 0.00615
scoring_system epss
scoring_elements 0.69833
published_at 2026-04-02T12:55:00Z
3
value 0.00615
scoring_system epss
scoring_elements 0.69848
published_at 2026-04-04T12:55:00Z
4
value 0.00615
scoring_system epss
scoring_elements 0.69825
published_at 2026-04-07T12:55:00Z
5
value 0.00615
scoring_system epss
scoring_elements 0.69873
published_at 2026-04-08T12:55:00Z
6
value 0.00615
scoring_system epss
scoring_elements 0.69889
published_at 2026-04-09T12:55:00Z
7
value 0.00615
scoring_system epss
scoring_elements 0.69911
published_at 2026-04-11T12:55:00Z
8
value 0.00615
scoring_system epss
scoring_elements 0.69896
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2715
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2715
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2715
3
reference_url https://www.drupal.org/node/1056470
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/node/1056470
4
reference_url https://www.openwall.com/lists/oss-security/2011/07/26/8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2011/07/26/8
5
reference_url https://github.com/advisories/GHSA-hcq9-hmgf-6qr9
reference_id GHSA-hcq9-hmgf-6qr9
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hcq9-hmgf-6qr9
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
aliases CVE-2011-2715, GHSA-hcq9-hmgf-6qr9
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8b29-85h4-zkhc
2
url VCID-btgv-ef3h-83d3
vulnerability_id VCID-btgv-ef3h-83d3
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41182.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41182.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41182
reference_id
reference_type
scores
0
value 0.24078
scoring_system epss
scoring_elements 0.9606
published_at 2026-04-13T12:55:00Z
1
value 0.24078
scoring_system epss
scoring_elements 0.96023
published_at 2026-04-01T12:55:00Z
2
value 0.24078
scoring_system epss
scoring_elements 0.96042
published_at 2026-04-07T12:55:00Z
3
value 0.24078
scoring_system epss
scoring_elements 0.96037
published_at 2026-04-04T12:55:00Z
4
value 0.24078
scoring_system epss
scoring_elements 0.96052
published_at 2026-04-08T12:55:00Z
5
value 0.24078
scoring_system epss
scoring_elements 0.9603
published_at 2026-04-02T12:55:00Z
6
value 0.24078
scoring_system epss
scoring_elements 0.96058
published_at 2026-04-12T12:55:00Z
7
value 0.24078
scoring_system epss
scoring_elements 0.96055
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41182
2
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
3
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
reference_id
reference_type
scores
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/jquery/jquery-ui
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui
7
reference_url https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-ui-rails/CVE-2021-41182.yml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-ui-rails/CVE-2021-41182.yml
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html
10
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
31
reference_url https://security.netapp.com/advisory/ntap-20211118-0004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211118-0004
32
reference_url https://security.netapp.com/advisory/ntap-20211118-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211118-0004/
33
reference_url https://www.drupal.org/sa-contrib-2022-004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-contrib-2022-004
34
reference_url https://www.drupal.org/sa-core-2022-002
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-002
35
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
36
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
37
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-09
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2019144
reference_id 2019144
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2019144
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41182
reference_id CVE-2021-41182
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41182
40
reference_url https://github.com/advisories/GHSA-9gj3-hwp5-pmwc
reference_id GHSA-9gj3-hwp5-pmwc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9gj3-hwp5-pmwc
41
reference_url https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
reference_id GHSA-9gj3-hwp5-pmwc
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
42
reference_url https://access.redhat.com/errata/RHSA-2022:4711
reference_id RHSA-2022:4711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4711
43
reference_url https://usn.ubuntu.com/6419-1/
reference_id USN-6419-1
reference_type
scores
url https://usn.ubuntu.com/6419-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
aliases CVE-2021-41182, GHSA-9gj3-hwp5-pmwc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btgv-ef3h-83d3
3
url VCID-cvxp-ctj9-guej
vulnerability_id VCID-cvxp-ctj9-guej
summary 
Potential XSS vulnerability in jQuery
### Impact
Passing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.

### Patches
This problem is patched in jQuery 3.5.0.

### Workarounds
To workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.

### References
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

### For more information
If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
3
reference_url http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11023.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11023
reference_id
reference_type
scores
0
value 0.36278
scoring_system epss
scoring_elements 0.97107
published_at 2026-04-13T12:55:00Z
1
value 0.36278
scoring_system epss
scoring_elements 0.97105
published_at 2026-04-11T12:55:00Z
2
value 0.36278
scoring_system epss
scoring_elements 0.97091
published_at 2026-04-07T12:55:00Z
3
value 0.36278
scoring_system epss
scoring_elements 0.97101
published_at 2026-04-09T12:55:00Z
4
value 0.36278
scoring_system epss
scoring_elements 0.97106
published_at 2026-04-12T12:55:00Z
5
value 0.36278
scoring_system epss
scoring_elements 0.9709
published_at 2026-04-04T12:55:00Z
6
value 0.36851
scoring_system epss
scoring_elements 0.97117
published_at 2026-04-01T12:55:00Z
7
value 0.36851
scoring_system epss
scoring_elements 0.97125
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11023
6
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3
scoring_elements
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13662
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37
12
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
13
reference_url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
14
reference_url https://github.com/jquery/jquery/releases/tag/3.5.0
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/releases/tag/3.5.0
15
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
16
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#410
17
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440
18
reference_url https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/v4.3.5/vendor/assets/javascripts/jquery3.js#L5979
19
reference_url https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/v4.4.0/vendor/assets/javascripts/jquery3.js#L6162
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml
21
reference_url https://jquery.com/upgrade-guide/3.5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jquery.com/upgrade-guide/3.5
22
reference_url https://jquery.com/upgrade-guide/3.5/
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://jquery.com/upgrade-guide/3.5/
23
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
55
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E
58
reference_url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E
59
reference_url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E
60
reference_url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E
63
reference_url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E
64
reference_url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E
65
reference_url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E
66
reference_url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E
67
reference_url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E
68
reference_url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E
69
reference_url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E
70
reference_url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E
71
reference_url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E
72
reference_url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E
73
reference_url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E
74
reference_url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E
75
reference_url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E
76
reference_url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E
77
reference_url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E
78
reference_url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E
79
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
80
reference_url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
81
reference_url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E
82
reference_url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E
83
reference_url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
84
reference_url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E
85
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
86
reference_url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
87
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
88
reference_url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
89
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
90
reference_url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
91
reference_url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E
92
reference_url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E
93
reference_url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E
94
reference_url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E
95
reference_url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E
96
reference_url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E
97
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
98
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
99
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
100
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
101
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
102
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
103
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
106
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
107
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11023
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11023
108
reference_url https://security.gentoo.org/glsa/202007-03
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://security.gentoo.org/glsa/202007-03
109
reference_url https://security.netapp.com/advisory/ntap-20200511-0006
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200511-0006
110
reference_url https://security.netapp.com/advisory/ntap-20230725-0003
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230725-0003
111
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-565440
112
reference_url https://snyk.io/vuln/SNYK-JS-JQUERY-565129
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-JQUERY-565129
113
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023
114
reference_url https://www.debian.org/security/2020/dsa-4693
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.debian.org/security/2020/dsa-4693
115
reference_url https://www.drupal.org/sa-core-2020-002
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.drupal.org/sa-core-2020-002
116
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
117
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
118
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
119
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
120
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
121
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com//security-alerts/cpujul2021.html
122
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
123
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
124
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
125
reference_url https://www.tenable.com/security/tns-2021-02
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.tenable.com/security/tns-2021-02
126
reference_url https://www.tenable.com/security/tns-2021-10
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://www.tenable.com/security/tns-2021-10
127
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850004
reference_id 1850004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850004
128
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
reference_id AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
129
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt
reference_id CVE-2020-11023
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/49767.txt
130
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml
reference_id CVE-2020-23064.YML
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N/E:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml
131
reference_url https://security.netapp.com/advisory/ntap-20200511-0006/
reference_id ntap-20200511-0006
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://security.netapp.com/advisory/ntap-20200511-0006/
132
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
reference_id QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
133
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
134
reference_url https://access.redhat.com/errata/RHSA-2020:2813
reference_id RHSA-2020:2813
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2813
135
reference_url https://access.redhat.com/errata/RHSA-2020:3247
reference_id RHSA-2020:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3247
136
reference_url https://access.redhat.com/errata/RHSA-2020:3369
reference_id RHSA-2020:3369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3369
137
reference_url https://access.redhat.com/errata/RHSA-2020:3807
reference_id RHSA-2020:3807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3807
138
reference_url https://access.redhat.com/errata/RHSA-2020:4211
reference_id RHSA-2020:4211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4211
139
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
140
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
141
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
142
reference_url https://access.redhat.com/errata/RHSA-2020:5412
reference_id RHSA-2020:5412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5412
143
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
144
reference_url https://access.redhat.com/errata/RHSA-2021:0851
reference_id RHSA-2021:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0851
145
reference_url https://access.redhat.com/errata/RHSA-2021:0860
reference_id RHSA-2021:0860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0860
146
reference_url https://access.redhat.com/errata/RHSA-2021:1846
reference_id RHSA-2021:1846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1846
147
reference_url https://access.redhat.com/errata/RHSA-2021:4142
reference_id RHSA-2021:4142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4142
148
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
149
reference_url https://access.redhat.com/errata/RHSA-2022:7343
reference_id RHSA-2022:7343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7343
150
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
151
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
152
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
153
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
154
reference_url https://access.redhat.com/errata/RHSA-2025:1070
reference_id RHSA-2025:1070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1070
155
reference_url https://access.redhat.com/errata/RHSA-2025:1185
reference_id RHSA-2025:1185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1185
156
reference_url https://access.redhat.com/errata/RHSA-2025:1209
reference_id RHSA-2025:1209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1209
157
reference_url https://access.redhat.com/errata/RHSA-2025:1210
reference_id RHSA-2025:1210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1210
158
reference_url https://access.redhat.com/errata/RHSA-2025:1211
reference_id RHSA-2025:1211
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1211
159
reference_url https://access.redhat.com/errata/RHSA-2025:1212
reference_id RHSA-2025:1212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1212
160
reference_url https://access.redhat.com/errata/RHSA-2025:1213
reference_id RHSA-2025:1213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1213
161
reference_url https://access.redhat.com/errata/RHSA-2025:1214
reference_id RHSA-2025:1214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1214
162
reference_url https://access.redhat.com/errata/RHSA-2025:1215
reference_id RHSA-2025:1215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1215
163
reference_url https://access.redhat.com/errata/RHSA-2025:1216
reference_id RHSA-2025:1216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1216
164
reference_url https://access.redhat.com/errata/RHSA-2025:1217
reference_id RHSA-2025:1217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1217
165
reference_url https://access.redhat.com/errata/RHSA-2025:1247
reference_id RHSA-2025:1247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1247
166
reference_url https://access.redhat.com/errata/RHSA-2025:1255
reference_id RHSA-2025:1255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1255
167
reference_url https://access.redhat.com/errata/RHSA-2025:1256
reference_id RHSA-2025:1256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1256
168
reference_url https://access.redhat.com/errata/RHSA-2025:1300
reference_id RHSA-2025:1300
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1300
169
reference_url https://access.redhat.com/errata/RHSA-2025:1301
reference_id RHSA-2025:1301
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1301
170
reference_url https://access.redhat.com/errata/RHSA-2025:1303
reference_id RHSA-2025:1303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1303
171
reference_url https://access.redhat.com/errata/RHSA-2025:1304
reference_id RHSA-2025:1304
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1304
172
reference_url https://access.redhat.com/errata/RHSA-2025:1305
reference_id RHSA-2025:1305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1305
173
reference_url https://access.redhat.com/errata/RHSA-2025:1306
reference_id RHSA-2025:1306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1306
174
reference_url https://access.redhat.com/errata/RHSA-2025:1308
reference_id RHSA-2025:1308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1308
175
reference_url https://access.redhat.com/errata/RHSA-2025:1309
reference_id RHSA-2025:1309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1309
176
reference_url https://access.redhat.com/errata/RHSA-2025:1310
reference_id RHSA-2025:1310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1310
177
reference_url https://access.redhat.com/errata/RHSA-2025:1311
reference_id RHSA-2025:1311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1311
178
reference_url https://access.redhat.com/errata/RHSA-2025:1312
reference_id RHSA-2025:1312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1312
179
reference_url https://access.redhat.com/errata/RHSA-2025:1314
reference_id RHSA-2025:1314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1314
180
reference_url https://access.redhat.com/errata/RHSA-2025:1315
reference_id RHSA-2025:1315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1315
181
reference_url https://access.redhat.com/errata/RHSA-2025:1329
reference_id RHSA-2025:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1329
182
reference_url https://access.redhat.com/errata/RHSA-2025:1338
reference_id RHSA-2025:1338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1338
183
reference_url https://access.redhat.com/errata/RHSA-2025:1342
reference_id RHSA-2025:1342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1342
184
reference_url https://access.redhat.com/errata/RHSA-2025:1346
reference_id RHSA-2025:1346
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1346
185
reference_url https://access.redhat.com/errata/RHSA-2025:1514
reference_id RHSA-2025:1514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1514
186
reference_url https://access.redhat.com/errata/RHSA-2025:1515
reference_id RHSA-2025:1515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1515
187
reference_url https://access.redhat.com/errata/RHSA-2025:1580
reference_id RHSA-2025:1580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1580
188
reference_url https://access.redhat.com/errata/RHSA-2025:1601
reference_id RHSA-2025:1601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1601
189
reference_url https://access.redhat.com/errata/RHSA-2025:1983
reference_id RHSA-2025:1983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1983
190
reference_url https://access.redhat.com/errata/RHSA-2025:2426
reference_id RHSA-2025:2426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2426
191
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
reference_id SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
192
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
reference_id SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:07:17Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
193
reference_url https://usn.ubuntu.com/7246-1/
reference_id USN-7246-1
reference_type
scores
url https://usn.ubuntu.com/7246-1/
194
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
195
reference_url https://usn.ubuntu.com/7658-1/
reference_id USN-7658-1
reference_type
scores
url https://usn.ubuntu.com/7658-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
1
url pkg:composer/drupal/drupal@8.7.14
purl pkg:composer/drupal/drupal@8.7.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ck5-9e5b-w3ay
1
vulnerability VCID-6m8x-cfzp-tkf4
2
vulnerability VCID-bbzr-hbhv-yyee
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-k1gx-nznx-7qd6
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n119-gta2-kfg1
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-uqcw-p8g2-cfd2
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
13
vulnerability VCID-wbvy-zrtk-audw
14
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.14
2
url pkg:composer/drupal/drupal@8.8.0-alpha1
purl pkg:composer/drupal/drupal@8.8.0-alpha1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6ck5-9e5b-w3ay
1
vulnerability VCID-6m8x-cfzp-tkf4
2
vulnerability VCID-bbzr-hbhv-yyee
3
vulnerability VCID-dgjq-y5zj-cud1
4
vulnerability VCID-k1gx-nznx-7qd6
5
vulnerability VCID-mapb-hsvc-2khc
6
vulnerability VCID-n119-gta2-kfg1
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-r8pv-9upr-y7gd
9
vulnerability VCID-u4w3-usvb-jyf6
10
vulnerability VCID-uqcw-p8g2-cfd2
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
13
vulnerability VCID-wbvy-zrtk-audw
14
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.0-alpha1
3
url pkg:composer/drupal/drupal@8.8.6
purl pkg:composer/drupal/drupal@8.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-gbz5-5frj-hber
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-mapb-hsvc-2khc
9
vulnerability VCID-mhk6-9qdy-83f3
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-q4qx-7s1y-q3hc
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-rdgr-yuu7-xkey
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-v9v6-ae3e-g3hk
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.6
4
url pkg:composer/drupal/drupal@8.9.0-beta1
purl pkg:composer/drupal/drupal@8.9.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-dgjq-y5zj-cud1
5
vulnerability VCID-k1gx-nznx-7qd6
6
vulnerability VCID-mapb-hsvc-2khc
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-q4qx-7s1y-q3hc
9
vulnerability VCID-r8pv-9upr-y7gd
10
vulnerability VCID-rdgr-yuu7-xkey
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-vevm-4sfk-f7gq
13
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.9.0-beta1
aliases CVE-2020-11023, GHSA-jpcq-cgw6-v4j6
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvxp-ctj9-guej
4
url VCID-djgn-ezxp-37eu
vulnerability_id VCID-djgn-ezxp-37eu
summary 
Cross-site Scripting
Under certain circumstances the File `module/subsystem` allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6341
reference_id
reference_type
scores
0
value 0.46484
scoring_system epss
scoring_elements 0.9764
published_at 2026-04-02T12:55:00Z
1
value 0.46484
scoring_system epss
scoring_elements 0.97655
published_at 2026-04-13T12:55:00Z
2
value 0.46484
scoring_system epss
scoring_elements 0.97652
published_at 2026-04-11T12:55:00Z
3
value 0.46484
scoring_system epss
scoring_elements 0.9765
published_at 2026-04-09T12:55:00Z
4
value 0.46484
scoring_system epss
scoring_elements 0.97648
published_at 2026-04-08T12:55:00Z
5
value 0.46484
scoring_system epss
scoring_elements 0.97644
published_at 2026-04-07T12:55:00Z
6
value 0.46484
scoring_system epss
scoring_elements 0.97642
published_at 2026-04-04T12:55:00Z
7
value 0.46484
scoring_system epss
scoring_elements 0.97634
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6341
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6341
2
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6341.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6341.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6341.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6341.yaml
5
reference_url https://lists.debian.org/debian-lts-announce/2019/04/msg00003.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/04/msg00003.html
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWHF4LALNBZCXMITWWVWKY3PNVYTM3N7/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4KTET2PTSIS3ZZ4SGBRQEN6CCLV5SYX/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNTLCBAN6T7WYR5C4TNEYQD65IIR3V4P/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4SVTVIJ33XCFQ6X6XTVMQM3NPLP2WFS/
22
reference_url https://www.drupal.org/sa-core-2019-004
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-004
23
reference_url https://www.drupal.org/SA-CORE-2019-004
reference_id
reference_type
scores
url https://www.drupal.org/SA-CORE-2019-004
24
reference_url https://www.synology.com/security/advisory/Synology_SA_19_13
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_13
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6341
reference_id CVE-2019-6341
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-6341
30
reference_url https://github.com/advisories/GHSA-cmmh-8mwp-gq5p
reference_id GHSA-cmmh-8mwp-gq5p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cmmh-8mwp-gq5p
fixed_packages
0
url pkg:composer/drupal/drupal@7.65.0
purl pkg:composer/drupal/drupal@7.65.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@7.65.0
1
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
2
url pkg:composer/drupal/drupal@8.5.14
purl pkg:composer/drupal/drupal@8.5.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-636u-5bdw-puh4
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-pk74-yy1n-8qck
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-ty3y-k9t2-qyba
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-vevm-4sfk-f7gq
18
vulnerability VCID-w3q4-838v-97ck
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.5.14
3
url pkg:composer/drupal/drupal@8.6.13
purl pkg:composer/drupal/drupal@8.6.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-349d-w26k-mqfw
1
vulnerability VCID-636u-5bdw-puh4
2
vulnerability VCID-6ck5-9e5b-w3ay
3
vulnerability VCID-6m8x-cfzp-tkf4
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-pk74-yy1n-8qck
13
vulnerability VCID-r8pv-9upr-y7gd
14
vulnerability VCID-ty3y-k9t2-qyba
15
vulnerability VCID-u4w3-usvb-jyf6
16
vulnerability VCID-uqcw-p8g2-cfd2
17
vulnerability VCID-vevm-4sfk-f7gq
18
vulnerability VCID-w3q4-838v-97ck
19
vulnerability VCID-wbuz-qcp3-43aq
20
vulnerability VCID-wbvy-zrtk-audw
21
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.6.13
aliases CVE-2019-6341, GHSA-cmmh-8mwp-gq5p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djgn-ezxp-37eu
5
url VCID-gypk-ukbc-7qe3
vulnerability_id VCID-gypk-ukbc-7qe3
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41183.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41183
reference_id
reference_type
scores
0
value 0.02921
scoring_system epss
scoring_elements 0.86393
published_at 2026-04-13T12:55:00Z
1
value 0.02921
scoring_system epss
scoring_elements 0.86387
published_at 2026-04-09T12:55:00Z
2
value 0.02921
scoring_system epss
scoring_elements 0.86377
published_at 2026-04-08T12:55:00Z
3
value 0.02921
scoring_system epss
scoring_elements 0.86328
published_at 2026-04-01T12:55:00Z
4
value 0.02921
scoring_system epss
scoring_elements 0.86339
published_at 2026-04-02T12:55:00Z
5
value 0.02921
scoring_system epss
scoring_elements 0.86357
published_at 2026-04-04T12:55:00Z
6
value 0.02921
scoring_system epss
scoring_elements 0.86399
published_at 2026-04-12T12:55:00Z
7
value 0.02921
scoring_system epss
scoring_elements 0.864
published_at 2026-04-11T12:55:00Z
8
value 0.02921
scoring_system epss
scoring_elements 0.86358
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41183
2
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
3
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
reference_id
reference_type
scores
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
4
reference_url https://bugs.jqueryui.com/ticket/15284
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.jqueryui.com/ticket/15284
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/jquery/jquery-ui
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui
8
reference_url https://github.com/jquery/jquery-ui/pull/1953
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/pull/1953
9
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html
10
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
31
reference_url https://security.netapp.com/advisory/ntap-20211118-0004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211118-0004
32
reference_url https://security.netapp.com/advisory/ntap-20211118-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211118-0004/
33
reference_url https://www.drupal.org/sa-contrib-2022-004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-contrib-2022-004
34
reference_url https://www.drupal.org/sa-core-2022-001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-001
35
reference_url https://www.drupal.org/sa-core-2022-002
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-002
36
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
37
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
38
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-09
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2019148
reference_id 2019148
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2019148
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41183
reference_id CVE-2021-41183
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41183
41
reference_url https://github.com/advisories/GHSA-j7qv-pgf6-hvh4
reference_id GHSA-j7qv-pgf6-hvh4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j7qv-pgf6-hvh4
42
reference_url https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
reference_id GHSA-j7qv-pgf6-hvh4
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
43
reference_url https://access.redhat.com/errata/RHSA-2022:4711
reference_id RHSA-2022:4711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4711
44
reference_url https://usn.ubuntu.com/6419-1/
reference_id USN-6419-1
reference_type
scores
url https://usn.ubuntu.com/6419-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
aliases CVE-2021-41183, GHSA-j7qv-pgf6-hvh4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gypk-ukbc-7qe3
6
url VCID-sbmj-9trz-2ybf
vulnerability_id VCID-sbmj-9trz-2ybf
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
jQuery-UI is the official jQuery user interface library.Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41184.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41184.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41184
reference_id
reference_type
scores
0
value 0.25367
scoring_system epss
scoring_elements 0.96208
published_at 2026-04-13T12:55:00Z
1
value 0.25367
scoring_system epss
scoring_elements 0.96206
published_at 2026-04-12T12:55:00Z
2
value 0.25367
scoring_system epss
scoring_elements 0.96207
published_at 2026-04-11T12:55:00Z
3
value 0.25367
scoring_system epss
scoring_elements 0.96171
published_at 2026-04-01T12:55:00Z
4
value 0.25367
scoring_system epss
scoring_elements 0.96199
published_at 2026-04-08T12:55:00Z
5
value 0.25367
scoring_system epss
scoring_elements 0.9619
published_at 2026-04-07T12:55:00Z
6
value 0.25367
scoring_system epss
scoring_elements 0.96186
published_at 2026-04-04T12:55:00Z
7
value 0.25367
scoring_system epss
scoring_elements 0.96179
published_at 2026-04-02T12:55:00Z
8
value 0.25367
scoring_system epss
scoring_elements 0.96202
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41184
2
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released
3
reference_url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
reference_id
reference_type
scores
url https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184
5
reference_url http://seclists.org/fulldisclosure/2024/Aug/37
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2024/Aug/37
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/jquery/jquery-ui
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui
8
reference_url https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280
9
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/
23
reference_url https://security.netapp.com/advisory/ntap-20211118-0004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211118-0004
24
reference_url https://security.netapp.com/advisory/ntap-20211118-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211118-0004/
25
reference_url https://www.drupal.org/sa-core-2022-001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-001
26
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
27
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
28
reference_url https://www.tenable.com/security/tns-2022-09
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/tns-2022-09
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2019153
reference_id 2019153
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2019153
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41184
reference_id CVE-2021-41184
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41184
31
reference_url https://github.com/advisories/GHSA-gpqq-952q-5327
reference_id GHSA-gpqq-952q-5327
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gpqq-952q-5327
32
reference_url https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
reference_id GHSA-gpqq-952q-5327
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
33
reference_url https://access.redhat.com/errata/RHSA-2022:4711
reference_id RHSA-2022:4711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4711
34
reference_url https://usn.ubuntu.com/6419-1/
reference_id USN-6419-1
reference_type
scores
url https://usn.ubuntu.com/6419-1/
35
reference_url https://usn.ubuntu.com/USN-5181-1/
reference_id USN-USN-5181-1
reference_type
scores
url https://usn.ubuntu.com/USN-5181-1/
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
aliases CVE-2021-41184, GHSA-gpqq-952q-5327
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbmj-9trz-2ybf
7
url VCID-t5xa-hsz5-mbh5
vulnerability_id VCID-t5xa-hsz5-mbh5
summary 
Drupal Cross-Site Scripting vulnerability
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2714
reference_id
reference_type
scores
0
value 0.00528
scoring_system epss
scoring_elements 0.67062
published_at 2026-04-01T12:55:00Z
1
value 0.00528
scoring_system epss
scoring_elements 0.67134
published_at 2026-04-13T12:55:00Z
2
value 0.00528
scoring_system epss
scoring_elements 0.67165
published_at 2026-04-12T12:55:00Z
3
value 0.00528
scoring_system epss
scoring_elements 0.67179
published_at 2026-04-11T12:55:00Z
4
value 0.00528
scoring_system epss
scoring_elements 0.6716
published_at 2026-04-09T12:55:00Z
5
value 0.00528
scoring_system epss
scoring_elements 0.67147
published_at 2026-04-08T12:55:00Z
6
value 0.00528
scoring_system epss
scoring_elements 0.67097
published_at 2026-04-07T12:55:00Z
7
value 0.00528
scoring_system epss
scoring_elements 0.67123
published_at 2026-04-04T12:55:00Z
8
value 0.00528
scoring_system epss
scoring_elements 0.67099
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2714
1
reference_url https://github.com/drupal/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/core
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-2714
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-2714
3
reference_url https://seclists.org/fulldisclosure/2011/Feb/219
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2011/Feb/219
4
reference_url https://www.drupal.org/node/1056470
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/node/1056470
5
reference_url https://www.openwall.com/lists/oss-security/2011/07/26/8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2011/07/26/8
6
reference_url https://github.com/advisories/GHSA-qp8q-gwf5-hqh2
reference_id GHSA-qp8q-gwf5-hqh2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qp8q-gwf5-hqh2
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
aliases CVE-2011-2714, GHSA-qp8q-gwf5-hqh2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t5xa-hsz5-mbh5
8
url VCID-zw3u-6ue7-efdf
vulnerability_id VCID-zw3u-6ue7-efdf
summary 
Improper Input Validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25271
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.57855
published_at 2026-04-09T12:55:00Z
1
value 0.00355
scoring_system epss
scoring_elements 0.57829
published_at 2026-04-13T12:55:00Z
2
value 0.00355
scoring_system epss
scoring_elements 0.5785
published_at 2026-04-12T12:55:00Z
3
value 0.00355
scoring_system epss
scoring_elements 0.57872
published_at 2026-04-11T12:55:00Z
4
value 0.00355
scoring_system epss
scoring_elements 0.57804
published_at 2026-04-02T12:55:00Z
5
value 0.00355
scoring_system epss
scoring_elements 0.57825
published_at 2026-04-04T12:55:00Z
6
value 0.00355
scoring_system epss
scoring_elements 0.57799
published_at 2026-04-07T12:55:00Z
7
value 0.00355
scoring_system epss
scoring_elements 0.57854
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25271
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/
9
reference_url https://www.drupal.org/sa-core-2022-003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2022-003
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
reference_id CVE-2022-25271
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25271
11
reference_url https://github.com/advisories/GHSA-fmfv-x8mp-5767
reference_id GHSA-fmfv-x8mp-5767
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fmfv-x8mp-5767
fixed_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1922-fwnz-wkbt
1
vulnerability VCID-2ctt-zm9j-17bx
2
vulnerability VCID-349d-w26k-mqfw
3
vulnerability VCID-381m-cmnk-ykef
4
vulnerability VCID-3fka-y25d-m7a3
5
vulnerability VCID-3hf4-tvxn-zyh4
6
vulnerability VCID-48ut-ykkc-83fx
7
vulnerability VCID-4aer-46u2-23f6
8
vulnerability VCID-4wwt-vt76-dbe1
9
vulnerability VCID-53h1-sj47-gugn
10
vulnerability VCID-565p-mgqe-gkfc
11
vulnerability VCID-5tqs-qmqn-gug5
12
vulnerability VCID-636u-5bdw-puh4
13
vulnerability VCID-6ck5-9e5b-w3ay
14
vulnerability VCID-6m8x-cfzp-tkf4
15
vulnerability VCID-8nda-kjr2-ufd4
16
vulnerability VCID-9f24-vqyt-r7dq
17
vulnerability VCID-9vdz-1jpq-kue3
18
vulnerability VCID-9wt5-xe6d-n3cb
19
vulnerability VCID-bbzr-hbhv-yyee
20
vulnerability VCID-c9dm-17vt-4bbc
21
vulnerability VCID-cucx-jfqf-pkd1
22
vulnerability VCID-d4qd-ut89-gbf4
23
vulnerability VCID-dgjq-y5zj-cud1
24
vulnerability VCID-djgn-ezxp-37eu
25
vulnerability VCID-en3b-g3f3-a3e3
26
vulnerability VCID-fm5k-u7s6-wfhb
27
vulnerability VCID-g1rp-twzp-63e1
28
vulnerability VCID-ga35-289v-vqhr
29
vulnerability VCID-gzcu-sbks-wyfa
30
vulnerability VCID-h6yp-zj5e-zkbm
31
vulnerability VCID-hzr8-ttbu-ebhg
32
vulnerability VCID-jfq8-xxwa-mkd1
33
vulnerability VCID-jnu7-1j9c-dqck
34
vulnerability VCID-k1gx-nznx-7qd6
35
vulnerability VCID-kh51-g4cv-tqaw
36
vulnerability VCID-krhy-kg1b-rfbk
37
vulnerability VCID-mapb-hsvc-2khc
38
vulnerability VCID-mt37-qzh7-gyfv
39
vulnerability VCID-n119-gta2-kfg1
40
vulnerability VCID-n7un-zgqv-jfef
41
vulnerability VCID-nc36-atc6-yua6
42
vulnerability VCID-nd8n-5dsu-2fbp
43
vulnerability VCID-pk74-yy1n-8qck
44
vulnerability VCID-r8pv-9upr-y7gd
45
vulnerability VCID-rhj7-dy7q-jkhw
46
vulnerability VCID-rr4q-f5cv-nkah
47
vulnerability VCID-s8u8-xbdk-87dj
48
vulnerability VCID-s9kv-9qfu-gbdq
49
vulnerability VCID-sktb-khbq-cuaq
50
vulnerability VCID-ssyn-dxp9-3kdq
51
vulnerability VCID-t84c-8r34-57b9
52
vulnerability VCID-tk6t-srar-h7a8
53
vulnerability VCID-ty3y-k9t2-qyba
54
vulnerability VCID-u1xx-aazv-bkg5
55
vulnerability VCID-u4w3-usvb-jyf6
56
vulnerability VCID-u5wt-ndvn-3ffg
57
vulnerability VCID-uqcw-p8g2-cfd2
58
vulnerability VCID-utyg-huhu-2ucq
59
vulnerability VCID-vevm-4sfk-f7gq
60
vulnerability VCID-vq5y-hdw3-nucj
61
vulnerability VCID-vy1y-zkf3-4ue4
62
vulnerability VCID-w3q4-838v-97ck
63
vulnerability VCID-wbuz-qcp3-43aq
64
vulnerability VCID-wbvy-zrtk-audw
65
vulnerability VCID-we42-mkyk-hfer
66
vulnerability VCID-ww44-hb2y-mfd5
67
vulnerability VCID-wwvq-399y-rfhc
68
vulnerability VCID-xumx-m3zz-jkh6
69
vulnerability VCID-y74s-ghyc-2bhs
70
vulnerability VCID-yare-57j9-j7cs
71
vulnerability VCID-ymka-jfep-87gt
72
vulnerability VCID-yrzt-3m97-53ce
73
vulnerability VCID-yty5-zn46-r3dj
74
vulnerability VCID-zawz-vky5-tkgt
75
vulnerability VCID-zvtp-4we3-qygx
76
vulnerability VCID-zxqc-67jp-uba7
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
1
url pkg:composer/drupal/drupal@9.2.13
purl pkg:composer/drupal/drupal@9.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-2s8m-ujzb-skd1
2
vulnerability VCID-674z-nf4t-b7ez
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-bbzr-hbhv-yyee
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-mapb-hsvc-2khc
7
vulnerability VCID-n7un-zgqv-jfef
8
vulnerability VCID-q4qx-7s1y-q3hc
9
vulnerability VCID-rdgr-yuu7-xkey
10
vulnerability VCID-u4w3-usvb-jyf6
11
vulnerability VCID-vevm-4sfk-f7gq
12
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.2.13
2
url pkg:composer/drupal/drupal@9.3.6
purl pkg:composer/drupal/drupal@9.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nf6-3q5b-gqfm
1
vulnerability VCID-1qgc-gjdn-9fhk
2
vulnerability VCID-2s8m-ujzb-skd1
3
vulnerability VCID-674z-nf4t-b7ez
4
vulnerability VCID-6ck5-9e5b-w3ay
5
vulnerability VCID-bbzr-hbhv-yyee
6
vulnerability VCID-dgjq-y5zj-cud1
7
vulnerability VCID-mapb-hsvc-2khc
8
vulnerability VCID-n7un-zgqv-jfef
9
vulnerability VCID-q4qx-7s1y-q3hc
10
vulnerability VCID-rdgr-yuu7-xkey
11
vulnerability VCID-u4w3-usvb-jyf6
12
vulnerability VCID-vevm-4sfk-f7gq
13
vulnerability VCID-wbuz-qcp3-43aq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@9.3.6
aliases CVE-2022-25271, GHSA-fmfv-x8mp-5767
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zw3u-6ue7-efdf
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0