Lucene search
GoogleOSV:CVE-2020-13665HistoryMay 05, 2021 - 3:15 p.m.
CVE-2020-13665
2021-05-0515:15:08
Google
osv.dev
5
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x versions prior to 9.0.1.
References
Related
github
github
Drupal Core Access bypass vulnerability
2022-05-24 17:49:27
osv
osv
Drupal Core Access bypass vulnerability
2022-05-24 17:49:27
BIT-drupal-2020-13665
2024-03-06 10:58:25
nvd
nvd
CVE-2020-13665
2021-05-05 15:15:08
ubuntucve
ubuntucve
CVE-2020-13665
2021-05-05 00:00:00
drupal
drupal
Drupal core - Less critical - Access bypass - SA-CORE-2020-006
2020-06-17 00:00:00
cve
cve
CVE-2020-13665
2021-05-05 15:15:08
prion
prion
Security feature bypass
2021-05-05 15:15:00
cvelist
cvelist
CVE-2020-13665
2021-05-05 14:14:09
debiancve
debiancve
CVE-2020-13665
2021-05-05 15:15:00
friendsofphp
friendsofphp
Drupal core - Less critical - Access bypass - SA-CORE-2020-006
1970-01-01 00:00:00
Drupal core - Less critical - Access bypass - SA-CORE-2020-006
1970-01-01 00:00:00
veracode
veracode
Privilege Escalation
2021-05-08 11:56:25
ibm
ibm
openvas
openvas
nessus
nessus
Drupal 8.9.x < 8.9.1 Multiple Vulnerabilities
2020-06-26 00:00:00
Drupal 7.x < 7.72 Multiple Vulnerabilities
2020-06-26 00:00:00
Drupal 8.8.x < 8.8.8 Multiple Vulnerabilities
2020-06-26 00:00:00