Drupal Releases Security Update to Address a Vulnerability in Apigee Edge

Drupal released a security update to address a vulnerability affecting the Apigee Edge module for Drupal 9.x. An attacker could exploit this vulnerability to bypass access authorization or disclose sensitive information. CISA encourages users and administrators to review Drupal’s security advisor...

DRUPAL-CONTRIB-2023-005

The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. Previous module versions did not support entity query level access checking, which could have led to information disclosure or access bypass in various places...

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2023-005

The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. Previous module versions did not support entity query level access checking, which could have led to information disclosure or access bypass in various places...

DRUPAL-CONTRIB-2022-045

The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. The developers user can view API keys for their respective Apps. The module discloses information by allowing attackers to view cached information of API Keys from the browser cache for...

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2022-045

The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. The developers user can view API keys for their respective Apps. The module discloses information by allowing attackers to view cached information of API Keys from the browser cache for...

DRUPAL-CONTRIB-2021-020

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. The module did not properly validate user access for data creation in certain circumstances...

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2021-020

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. The module did not properly validate user access for data creation in certain circumstances...

DRUPAL-CONTRIB-2020-028

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. It contains an "Apigee Edge Teams" submodule that provides shared app functionality by allowing developers to be organized into teams. The "Apigee Edge Teams" submodule has an information...

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2020-028

The Apigee Edge module allows connecting a Drupal site to Apigee Edge in order to build a developer portal. It contains an "Apigee Edge Teams" submodule that provides shared app functionality by allowing developers to be organized into teams. The "Apigee Edge Teams" submodule has an information...