5 matches found
Drupal 9.4.x < 9.4.10 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 Drupal Vulnerability (SA-CORE-2023-001)
According to its self-reported version, the instance of Drupal running on the remote web server is 9.4.x prior to 9.4.10 or 9.5.x prior to 9.5.2 or 10.0.x prior to 10.0.2. It is, therefore, affected by a vulnerability. - The Media Library module does not properly check entity access in some...
Drupal Information Disclosure Vulnerability (SA-CORE-2023-001) - Linux
Drupal is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...
Drupal Information Disclosure Vulnerability (SA-CORE-2023-001) - Windows
Drupal is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...
Drupal 9.4.x < 9.4.10 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 Drupal Vulnerability (SA-CORE-2023-001) (Deprecated)
According to its self-reported version, the instance of Drupal running on the remote web server is 9.4.x prior to 9.4.10 or 9.5.x prior to 9.5.2 or 10.0.x prior to 10.0.2. It is, therefore, affected by a vulnerability. - The Media Library module does not properly check entity access in some...
Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001
The Media Library module does not properly check entity access in some circumstances. This may result in users with access to edit content seeing metadata about media items they are not authorized to access. The vulnerability is mitigated by the fact that the inaccessible media will only be visib...