7 matches found
Fedora 28 : drupal8 (2018-906ba26b4d) (Drupalgeddon 2)
8.4.6 - SA-CORE-2018-002 CVE-2018-7600 - 8.4.5 - SA-CORE-2018-001 CVE-2017-6926 / CVE-2017-6927 / CVE-2017-6930 / CVE-2017-6931 - 8.4.4 - 8.4.3 - 8.4.2 - 8.4.1 - 8.4.0 - 8.4.0-rc2 - 8.4.0-rc1 - 8.4.0-beta1 - 8.4.0-alpha1 Note that Tenable Network Security has extracted the preceding description...
Fedora Update for drupal8 FEDORA-2018-1ba93b3144
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for drupal8 FEDORA-2018-922cc2fbaa
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for drupal8 FEDORA-2018-6e6d8c314b
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : drupal8 (2018-922cc2fbaa) (Drupalgeddon 2)
8.3.9 - SA-CORE-2018-002 CVE-2018-7600 - 8.3.8 - SA-CORE-2018-001 CVE-2017-6926 / CVE-2017-6927 / CVE-2017-6930 / CVE-2017-6931 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...
CVE-2017-6931
In Drupal versions 8.4.x versions before 8.4.5 the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for. If you have implemented a Settings Tray form in contrib or a custom module, the correct access checks should be added. Th...
CVE-2017-6931
The CVE concerns Drupal 8.4.x prior to 8.4.5 where the Settings Tray form (in Settings Tray module, contributed or custom) bypasses proper access checks, allowing users to update data they should not modify. The root cause is missing access checks in certain Settings Tray implementations; the Dru...