Lucene search
K

7 matches found

CVE
CVE
added 2019/01/22 4:0 p.m.144 views

CVE-2017-6923

CVE-2017-6923, CVE-2017-6924, and CVE-2017-6925 describe Drupal 8.x vulnerabilities prior to 8.3.7 affecting Ajax endpoint access control, REST API comment posting, and entity access restrictions, respectively. The issues are documented under SA-CORE-2017-004 and are fixed in Drupal 8.3.7. Affect...

6.5CVSS7.8AI score0.01628EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.37 views

Fedora Update for drupal8 FEDORA-2018-922cc2fbaa

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.99993EPSS
Exploits54References4
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.31 views

Fedora 26 : drupal8 (2017-0fbd57c134)

8.3.7 - SA-CORE-2017-004 CVE-2017-6923, CVE-2017-6924, CVE-2017-6925 - 8.3.6 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

9.8CVSS7.5AI score0.03017EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.39 views

Fedora 25 : drupal8 (2017-902970c18f)

8.3.7 - SA-CORE-2017-004 CVE-2017-6923, CVE-2017-6924, CVE-2017-6925 - 8.3.6 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

9.8CVSS7.5AI score0.03017EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/09/09 12:0 a.m.29 views

Fedora Update for drupal8 FEDORA-2017-0fbd57c134

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.03017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/08/21 12:0 a.m.39 views

FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (473b6a9e-8493-11e7-b24b-6cf0497db129)

Drupal Security Team : CVE-2017-6923: Views - Access Bypass - Moderately Critical CVE-2017-6924: REST API can bypass comment approval - Access Bypass - Moderately Critica CVE-2017-6925: Entity access bypass for entities that do not have UUIDs or have protected revisions - Access Bypass - Critical...

9.8CVSS7.6AI score0.03017EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2017/08/17 3:50 p.m.30 views

Drupal Patches Critical Access Bypass Bug

Website management platform Drupal released several patches that address access bypass vulnerabilities in its Drupal 8 Core engine Wednesday, fixing one critical and two moderately critical security bugs. The most serious of the vulnerabilities is the access bypass vulnerability CVE-2017-6925 in...

1.2AI score0.03017EPSS
Exploits0References10
Rows per page
Query Builder