SUSE CVE-2015-3231

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

Drupal 7.x < 7.38 Multiple Vulnerabilities

Binary data 9217.prm...

Mageia: Security Advisory (MGASA-2015-0253)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : drupal7-7.38-1.fc21 (2015-10189)

Release 7.38 is a security fix release - Upstream release notes: https://www.drupal.org/drupal-7.38-release-notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

Fedora Update for drupal7 FEDORA-2015-10189

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-3231

Drupal 7.x (before 7.38) renders cache data by user role in its Render caching system. Affected component is the Render cache, which can leak private content viewed by user 1 to remote authenticated users by reading the cache. Root cause described across multiple sources: caching by user role inc...

Debian DSA-3291-1 : drupal7 - security update

Several vulnerabilities were found in drupal7, a content management platform used to power websites. - CVE-2015-3231 Incorrect cache handling made private content viewed by 'user 1' exposed to other, non-privileged users. - CVE-2015-3232 A flaw in the Field UI module made it possible for attacker...

[SECURITY] [DSA 3291-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3291-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3291-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3291-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3291-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3291-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2015 https://www.debian.org/security/faq -...

DSA-3291-1 drupal7 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3291-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-002

Impersonation OpenID module - Drupal 6 and 7 - Critical A vulnerability was found in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts. This vulnerability is mitigated by the fact that the victim must have an...