Lucene search
K

10 matches found

OSV
OSV
added 2022/05/14 2:57 a.m.17 views

GHSA-9C24-G32G-35RJ Drupal PECL YAML parser unsafe object handling

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

9.8CVSS9.8AI score0.20482EPSS
Exploits7References8
Github Security Blog
Github Security Blog
added 2022/05/14 2:57 a.m.28 views

Drupal PECL YAML parser unsafe object handling

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

9.8CVSS9.9AI score0.20482EPSS
Exploits7References8Affected Software2
OSV
OSV
added 2018/08/06 3:29 p.m.27 views

CVE-2017-6920

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

9.8CVSS7.9AI score0.20482EPSS
Exploits7References3
Prion
Prion
added 2018/08/06 3:29 p.m.16 views

Code injection

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

7.5CVSS9.8AI score0.20482EPSS
Exploits7References3Affected Software1
NVD
NVD
added 2018/08/06 3:29 p.m.16 views

CVE-2017-6920

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

9.8CVSS9.8AI score0.20482EPSS
Exploits7References3
Cvelist
Cvelist
added 2018/08/06 3:0 p.m.21 views

CVE-2017-6920

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations...

9.8AI score0.20482EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2017/07/07 12:0 a.m.35 views

FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (4fc2df49-6279-11e7-be0f-6cf0497db129)

Drupal Security Team Reports : CVE-2017-6920: PECL YAML parser unsafe object handling. CVE-2017-6921: File REST resource does not properly validate CVE-2017-6922: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users. %NASLMINLEVEL 70300 C Tenable...

9.8CVSS6.7AI score0.20482EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2017/06/27 12:0 a.m.333 views

Drupal 7.x < 7.56 / 8.x < 8.3.4 Multiple Vulnerabilities (SA-CORE-2017-003)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.56 or 8.x prior to 8.3.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain...

9.8CVSS7.3AI score0.20482EPSS
Exploits7References6
OpenVAS
OpenVAS
added 2017/06/22 12:0 a.m.35 views

Drupal Core Multiple Vulnerabilities (SA-CORE-2017-003) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

9.8CVSS6.5AI score0.20482EPSS
Exploits7References4
Friends Of PHP
Friends Of PHP
added 2017/06/21 6:13 p.m.23 views

PECL YAML parser unsafe object handling

More info at https://www.drupal.org/SA-CORE-2017-003...

9.8CVSS7.2AI score0.20482EPSS
Exploits7Affected Software1
Rows per page
Query Builder