Linux Distros Unpatched Vulnerability : CVE-2022-25274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in...

CVE-2022-25274

creationtimestamp| type| source ---|---|--- 2023-04-26 18:26:07+00:00| seen| https://t.me/cibsecurity/62907...

CVE-2022-25274

Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in some possible access bypass for users who have access to use revisions of content generally, but who do not have access to individual...

CVE-2022-25274

Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in some possible access bypass for users who have access to use revisions of content generally, but who do not have access to individual...

CVE-2022-25274

CVE-2022-25274 concerns Drupal 9.3 where a generic entity access API for revisions was not fully integrated with existing permissions. The root cause is the incomplete integration between the revisions API and per-item access controls, which can permit access bypass for users who can use revision...

CVE-2022-25274

Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in some possible access bypass for users who have access to use revisions of content generally, but who do not have access to individual...