21 matches found
Ubuntu: Security Advisory (USN-6981-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6981-2 drupal7 vulnerabilities
USN-6981-1 fixed vulnerabilities in Drupal. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...
USN-6981-1: Drupal vulnerabilities
It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-13671 It was discovered that Drupal incorrectly sanitized archived filenames. A remote attacker could possibly use this issue to overwrite...
Ubuntu 16.04 LTS : Drupal vulnerabilities (USN-6981-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6981-1 advisory. It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
VulnCheck KEV: CVE-2020-13671
Improper sanitization in the extension file names is present in Drupal core...
Security Bulletin: IBM API Connect's Developer Portal is vulnerable to arbitrary code excution in Drupal Core (CVE-2020-13671)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-13671 DESCRIPTION: Drupal Core could allow a remote attacker to execute arbitrary code on the system, caused by the failure to properly sanitize certain filenames on uploaded files. By...
Fedora 32 : drupal8 (2020-d50d74d6f2)
https://www.drupal.org/project/drupal/releases/8.9.11 - https://www.drupal.org/project/drupal/releases/8.9.10 - https://www.drupal.org/sa-core-2020-013 CVE-2020-28948 / CVE-2020-28949 - https://www.drupal.org/project/drupal/releases/8.9.9 - https://www.drupal.org/sa-core-2020-012 CVE-2020-13671 -...
Fedora: Security Advisory for drupal8 (FEDORA-2020-6f1079934c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-13671
creationtimestamp| type| source ---|---|--- 2020-11-20 18:42:49+00:00| seen| https://t.me/cibsecurity/16662 2020-11-20 18:45:49+00:00| seen| https://t.me/cKure/2918 2020-12-09 07:25:06+00:00| seen| https://t.me/cibsecurity/17408 2023-06-14 21:10:04+00:00| seen|...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
CVE-2020-13671
Removed by vendor...
CVE-2020-13671
CVE-2020-13671 affects Drupal Core. The issue arises from Drupal core not properly sanitizing certain uploaded filenames, causing files to be interpreted with an incorrect extension and served with the wrong MIME type or potentially executed as PHP under some hosting configurations. Affected vers...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-012) - Linux
Drupal is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...
Debian: Security Advisory (DLA-2458-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-012) - Windows
Drupal is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...