Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fedoraFedoraFEDORA:C13D4309CBA7
HistoryDec 15, 2020 - 1:22 a.m.

[SECURITY] Fedora 33 Update: drupal8-8.9.11-1.fc33

2020-12-1501:22:18
lists.fedoraproject.org
10

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON

Drupal is an open source content management platform powering millions of websites and applications. It=EF=BF=BD=EF=BF=BD=EF=BF=BDs built, used, and supported by an active and diverse community of people around the world.

OSVersionArchitecturePackageVersionFilename
Fedora33anydrupal8< 8.9.11UNKNOWN

Related

nessus 41
openvas 26
fedora 7
ibm 2
debian 6
f5 1
osv 32
ubuntucve 8
amazon 2
attackerkb 5
drupal 6
mageia 1
githubexploit 2
ubuntu 1
oraclelinux 2
redhat 3
almalinux 1
rocky 1
gentoo 1
github 7
veracode 7
prion 9
cve 9
redhatcve 4
alpinelinux 5
debiancve 5
cisa_kev 2
packetstorm 1
checkpoint_advisories 1
archlinux 1
nessus
nessus
Fedora 33 : drupal8 (2020-6f1079934c)
2020-12-15 00:00:00
Fedora 32 : drupal8 (2020-d50d74d6f2)
2020-12-15 00:00:00
Drupal 8.9.x < 8.9.6 Multiple Vulnerabilities
2020-09-18 00:00:00
openvas
openvas
Fedora: Security Advisory for drupal8 (FEDORA-2020-6f1079934c)
2020-12-15 00:00:00
Fedora: Security Advisory for drupal8 (FEDORA-2020-d50d74d6f2)
2020-12-15 00:00:00
Drupal 8.x, 9.x Multiple Vulnerabilities (SA-CORE-2020-008, SA-CORE-2020-009, SA-CORE-2020-010, SA-CORE-2020-011) - Windows
2020-09-17 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: drupal8-8.9.11-1.fc32
2020-12-15 01:41:04
[SECURITY] Fedora 33 Update: drupal7-7.74-1.fc33
2020-11-27 01:24:16
[SECURITY] Fedora 32 Update: drupal7-7.74-1.fc32
2020-11-27 01:12:43
ibm
ibm
Security Bulletin: IBM API Connect's Developer Portal is impacted by multiple vulnerabilities in Drupal core.
2021-02-02 13:46:49
Security Bulletin: IBM API Connect's Developer Portal is vulnerable to arbitrary code excution in Drupal Core (CVE-2020-13671)
2021-02-02 14:58:19
debian
debian
[SECURITY] [DLA 2458-1] drupal7 security update
2020-11-19 11:47:17
[SECURITY] [DSA 4817-1] php-pear security update
2020-12-19 09:59:46
[SECURITY] [DSA 4817-1] php-pear security update
2020-12-19 09:59:46
f5
f5
K58581302 : Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949
2020-12-03 00:00:00
osv
osv
php-pear - security update
2020-12-19 00:00:00
php-pear - security update
2020-11-23 00:00:00
drupal7 - security update
2020-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2020-28949
2020-11-19 00:00:00
CVE-2020-13666
2021-05-05 00:00:00
CVE-2020-13671
2020-11-20 00:00:00
amazon
amazon
Medium: php-pear
2021-01-05 23:34:00
Medium: php7-pear
2021-01-12 22:51:00
attackerkb
attackerkb
CVE-2020-28949
2020-11-19 00:00:00
CVE-2020-13671
2020-11-20 00:00:00
CVE-2020-13668
2020-09-17 00:00:00
drupal
drupal
Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-013
2020-11-25 00:00:00
Drupal core - Moderately critical - Access bypass - SA-CORE-2020-008
2020-09-16 00:00:00
Drupal core - Critical - Remote code execution - SA-CORE-2020-012
2020-11-18 00:00:00
mageia
mageia
Updated php-pear packages fix security vulnerabilities
2020-12-08 13:40:32
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Php Archive Tar
2020-11-27 11:21:46
Exploit for Deserialization of Untrusted Data in Php Archive Tar
2021-05-24 15:36:16
ubuntu
ubuntu
PEAR vulnerabilities
2020-12-01 00:00:00
oraclelinux
oraclelinux
php-pear security update
2022-11-03 00:00:00
php:7.4 security update
2022-09-16 00:00:00
redhat
redhat
(RHSA-2022:6541) Moderate: php:7.4 security update
2022-09-15 08:06:49
(RHSA-2022:7340) Moderate: php-pear security update
2022-11-02 16:04:25
(RHSA-2022:6542) Moderate: php:7.4 security update
2022-09-15 08:06:55
almalinux
almalinux
Moderate: php:7.4 security update
2022-09-15 00:00:00
rocky
rocky
php:7.4 security update
2022-09-15 08:06:55
gentoo
gentoo
PEAR Archive_Tar: Directory traversal
2021-01-26 00:00:00
github
github
Drupal Core Cross-site scripting vulnerability
2022-05-24 17:49:27
Drupal core Unrestricted Upload of File with Dangerous Type
2021-10-12 16:28:25
Exposure of Resource to Wrong Sphere in Drupal Core
2022-02-12 00:00:47
veracode
veracode
Cross-site Scripting (XSS)
2022-02-14 04:52:36
Remote Code Execution (RCE)
2020-11-20 13:22:25
PHAR Unserialization
2020-11-20 03:05:45
prion
prion
Information disclosure
2022-02-11 16:15:00
Cross site scripting
2022-02-11 16:15:00
Code injection
2020-11-19 19:15:00
cve
cve
CVE-2020-13669
2022-02-11 16:15:00
CVE-2020-13666
2021-05-05 14:15:00
CVE-2020-13668
2022-02-11 16:15:00
redhatcve
redhatcve
CVE-2020-13667
2022-05-21 00:24:24
CVE-2020-28949
2020-12-23 13:31:50
CVE-2020-13671
2022-05-20 23:37:25
alpinelinux
alpinelinux
CVE-2020-28949
2020-11-19 19:15:00
CVE-2020-13671
2020-11-20 16:15:00
CVE-2020-13666
2021-05-05 14:15:00
debiancve
debiancve
CVE-2020-28949
2020-11-19 19:15:00
CVE-2020-13671
2020-11-20 16:15:00
CVE-2020-13666
2021-05-05 14:15:00
cisa_kev
cisa_kev
Drupal core Un-restricted Upload of File
2022-01-18 00:00:00
PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
2022-08-25 00:00:00
packetstorm
packetstorm
PEAR Archive_Tar Arbitrary File Write
2021-01-25 00:00:00
checkpoint_advisories
checkpoint_advisories
PEAR Archive Tar Insecure Deserialization Code Execution (CVE-2020-28948)
2022-10-18 00:00:00
archlinux
archlinux
[ASA-202102-7] nextcloud: directory traversal
2021-02-06 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON
Related for FEDORA:C13D4309CBA7
nessus41openvas26fedora7ibm2debian6f51osv32ubuntucve8amazon2attackerkb5drupal6mageia1githubexploit2ubuntu1oraclelinux2redhat3almalinux1rocky1gentoo1github7veracode7prion9cve9redhatcve4alpinelinux5debiancve5cisa_kev2packetstorm1checkpoint_advisories1archlinux1