5 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-6381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default...
Drupal 8.x < 8.2.7 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...
Drupal Multiple Vulnerabilities (SA-2017-001) - Windows
Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...
CVE-2017-6381
CVE-2017-6381 corresponds to a Drupal RCE via the PHPUnit component bundled with Drupal 8 development dependencies. Affected if running Drupal versions before 8.2.2; mitigation in the public description notes that .htaccess generally blocks PHP execution and that Composer development dependencies...
drupal8 -- multiple vulnerabilities
Drupal Security Team reports: CVE-2017-6377: Editor module incorrectly checks access to inline private files CVE-2017-6379: Some admin paths were not protected with a CSRF token CVE-2017-6381: Remote code execution...