Search for packages
| purl | pkg:deb/debian/drupal7@7.14-2%2Bdeb7u12 |
| Next non-vulnerable version | 7.52-2+deb9u11 |
| Latest non-vulnerable version | 7.52-2+deb9u11 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-349d-w26k-mqfw
Aliases: CVE-2019-11831 GHSA-xv7v-rf6g-xwrc |
Moderately critical - Third-party libraries - SA-CORE-2019-007 The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL. |
Affected by 0 other vulnerabilities. |
|
VCID-3fka-y25d-m7a3
Aliases: CVE-2019-6339 GHSA-8cw5-rv98-5c46 |
Improper Input Validation A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted `phar://` URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration. |
Affected by 0 other vulnerabilities. |
|
VCID-3hf4-tvxn-zyh4
Aliases: CVE-2017-6922 GHSA-58f3-cx8p-h8jg |
Files uploaded by anonymous users accessed by other users Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core does not provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-3s9f-prpy-hbcx
Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq |
Cross-site Scripting The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.` |
Affected by 0 other vulnerabilities. |
|
VCID-4f3r-kany-ebbf
Aliases: CVE-2015-3233 |
security update |
Affected by 31 other vulnerabilities. |
|
VCID-53h1-sj47-gugn
Aliases: CVE-2016-3162 GHSA-w2pj-c8x5-jvg2 |
Improper Access Control The File module in Drupal allows remote authenticated users to bypass access restrictions and read, delete, or substitute a link to a file uploaded to an unprocessed form by leveraging permission to create content or comment and upload files. |
Affected by 17 other vulnerabilities. |
|
VCID-5618-53yg-8qh4
Aliases: CVE-2020-11022 GHSA-gxr4-xjj5-5px2 |
Potential XSS vulnerability in jQuery ### Impact Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code. ### Patches This problem is patched in jQuery 3.5.0. ### Workarounds To workaround the issue without upgrading, adding the following to your code: ```js jQuery.htmlPrefilter = function( html ) { return html; }; ``` You need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround. ### References https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://jquery.com/upgrade-guide/3.5/ ### For more information If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue. |
Affected by 0 other vulnerabilities. |
|
VCID-78hg-6xhp-xug2
Aliases: CVE-2015-6659 |
security update |
Affected by 17 other vulnerabilities. |
|
VCID-88xy-vtkt-1ke2
Aliases: CVE-2015-6661 |
security update |
Affected by 17 other vulnerabilities. |
|
VCID-9wt5-xe6d-n3cb
Aliases: CVE-2016-3164 GHSA-836p-6p4j-35cg |
Open redirect via path manipulation Drupal might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on an error page, related to path manipulation. |
Affected by 17 other vulnerabilities. |
|
VCID-cucx-jfqf-pkd1
Aliases: CVE-2019-6338 GHSA-6rmq-x2hv-vxpp |
Deserialization of Untrusted Data Drupal core uses the third-party PEAR `Archive_Tar` library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details. |
Affected by 0 other vulnerabilities. |
|
VCID-cvxp-ctj9-guej
Aliases: CVE-2020-11023 GHSA-jpcq-cgw6-v4j6 |
Potential XSS vulnerability in jQuery ### Impact Passing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code. ### Patches This problem is patched in jQuery 3.5.0. ### Workarounds To workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method. ### References https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ ### For more information If you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue. |
Affected by 0 other vulnerabilities. |
|
VCID-djgn-ezxp-37eu
Aliases: CVE-2019-6341 GHSA-cmmh-8mwp-gq5p |
Cross-site Scripting Under certain circumstances the File `module/subsystem` allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability. |
Affected by 0 other vulnerabilities. |
|
VCID-en3b-g3f3-a3e3
Aliases: CVE-2016-3163 GHSA-h3r9-pjmr-f938 |
Brute force amplification attacks via XML-RPC The XML-RPC system in Drupal might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method. |
Affected by 17 other vulnerabilities. |
|
VCID-fjyh-jqpg-vubw
Aliases: CVE-2015-3231 |
security update |
Affected by 31 other vulnerabilities. |
|
VCID-g1rp-twzp-63e1
Aliases: CVE-2017-6929 GHSA-5vpr-v24w-mmjj |
Cross-site Scripting A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ga35-289v-vqhr
Aliases: CVE-2018-7600 GHSA-7fh9-933g-885p |
Drupal Core Remote Code Execution Vulnerability Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-jnu7-1j9c-dqck
Aliases: CVE-2017-6927 GHSA-585j-5449-mf5m |
JavaScript cross-site scripting prevention is incomplete Drupal has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output is not auto-escaped by either Drupal 7 or Drupal 8). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-k78c-w9h8-n3a9
Aliases: CVE-2015-6658 |
security update |
Affected by 17 other vulnerabilities. |
|
VCID-kwe1-gm4m-tkgf
Aliases: CVE-2016-9451 GHSA-66gr-xrcf-8jpq |
URL Redirection to Untrusted Site (Open Redirect) Confirmation forms in Drupal make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors. |
Affected by 17 other vulnerabilities. |
|
VCID-mt37-qzh7-gyfv
Aliases: CVE-2016-3168 GHSA-qqxc-cppg-4xp8 |
Reflected file download vulnerability The System module in Drupal might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content. |
Affected by 17 other vulnerabilities. |
|
VCID-nz7p-8jcg-kqej
Aliases: CVE-2015-6660 |
security update |
Affected by 17 other vulnerabilities. |
|
VCID-pr35-tmm9-b3h2
Aliases: CVE-2015-3232 |
security update |
Affected by 31 other vulnerabilities. |
|
VCID-puac-3k99-37fz
Aliases: CVE-2015-3234 |
security update |
Affected by 31 other vulnerabilities. |
|
VCID-s9kv-9qfu-gbdq
Aliases: CVE-2017-6928 GHSA-66mv-q8r2-hj8w |
Incorrect Permission Assignment for Critical Resource When using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access to the file and another is trying to deny it, leading to an access bypass vulnerability. This vulnerability is mitigated by the fact that it only occurs for unusual site configurations. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ssyn-dxp9-3kdq
Aliases: CVE-2020-13663 GHSA-m648-hpf8-qcjw |
Drupal Core Cross-Site Request Forgery (CSRF) vulnerability Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. |
Affected by 0 other vulnerabilities. |
|
VCID-tg1d-xb2a-qyfu
Aliases: CVE-2015-6665 |
security update |
Affected by 17 other vulnerabilities. |
|
VCID-u5wt-ndvn-3ffg
Aliases: CVE-2016-3170 GHSA-pqv4-xgqh-j8vh |
Information Exposure The `have you forgotten your password` links in the User module in Drupal allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in. |
Affected by 17 other vulnerabilities. |
|
VCID-vura-3gnb-rybs
Aliases: CVE-2020-13662 GHSA-gjqg-9rhv-qj67 |
Drupal Core Open Redirect vulnerability Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. |
Affected by 0 other vulnerabilities. |
|
VCID-we42-mkyk-hfer
Aliases: CVE-2016-3169 GHSA-q3p9-8728-wq7x |
Saving user accounts can sometimes grant the user all roles The User module in Drupal allows remote attackers to gain privileges by leveraging contributed or custom code that calls the `user_save` function with an explicit category and loads all roles into the array. |
Affected by 17 other vulnerabilities. |
|
VCID-wq7j-1ruu-mkd9
Aliases: DSA-4323-1 drupal7 |
security update |
Affected by 0 other vulnerabilities. |
|
VCID-wwvq-399y-rfhc
Aliases: CVE-2018-7602 GHSA-297x-j9pm-xjgg |
Drupal Core Remote Code Execution Vulnerability A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yare-57j9-j7cs
Aliases: CVE-2017-6932 GHSA-wm86-w3cf-h6vm |
URL Redirection to Untrusted Site (Open Redirect) Drupal core has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly navigating to an external site. |
Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yrzt-3m97-53ce
Aliases: CVE-2016-9449 GHSA-p745-347h-hjfw |
Unprivileged access to taxonomy terms Modules wishing to restrict access to taxonomy terms may be incompatible with queries generated both by Drupal core as well as those generated by contributed modules like Entity Reference. As a result, information on taxonomy terms may be disclosed to unprivileged users. |
Affected by 17 other vulnerabilities. |
|
VCID-zxqc-67jp-uba7
Aliases: CVE-2016-6211 GHSA-frqf-9qr4-6vxf |
Saving user accounts can sometimes grant the user all roles The User module in Drupal allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form. |
Affected by 17 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||