Lucene search
K

5 matches found

CVE
CVE
added 2019/01/15 10:0 p.m.140 views

CVE-2017-6921

CVE-2017-6921 affects Drupal 8.x prior to 8.3.4, where the file REST resource does not properly validate certain fields when manipulating files. Exploitation requires the RESTful Web Services (rest) module enabled, the file REST resource enabled and allowing PATCH requests, and an attacker who ca...

5.9CVSS6.4AI score0.01834EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/01/15 10:0 p.m.17 views

CVE-2017-6921 File REST resource does not properly validate

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

7.3AI score0.01834EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.51 views

Drupal 8.x < 8.3.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain operations. An unauthenticated, remote attacker can exploit this to execute arbitra...

9.8CVSS7.5AI score0.20482EPSS
Exploits7References5
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.37 views

Fedora Update for drupal8 FEDORA-2018-922cc2fbaa

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.99993EPSS
Exploits54References4
Tenable Nessus
Tenable Nessus
added 2017/06/27 12:0 a.m.331 views

Drupal 7.x < 7.56 / 8.x < 8.3.4 Multiple Vulnerabilities (SA-CORE-2017-003)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.56 or 8.x prior to 8.3.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain...

9.8CVSS7.3AI score0.20482EPSS
Exploits7References6
Rows per page
Query Builder