5 matches found
CVE-2017-6921
CVE-2017-6921 affects Drupal 8.x prior to 8.3.4, where the file REST resource does not properly validate certain fields when manipulating files. Exploitation requires the RESTful Web Services (rest) module enabled, the file REST resource enabled and allowing PATCH requests, and an attacker who ca...
CVE-2017-6921 File REST resource does not properly validate
In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...
Drupal 8.x < 8.3.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain operations. An unauthenticated, remote attacker can exploit this to execute arbitra...
Fedora Update for drupal8 FEDORA-2018-922cc2fbaa
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Drupal 7.x < 7.56 / 8.x < 8.3.4 Multiple Vulnerabilities (SA-CORE-2017-003)
According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.56 or 8.x prior to 8.3.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain...