Show advisories for only Drupal Core, only contributed projects, or only PSAs

S3 File System - Moderately critical - Access bypass - SA-CONTRIB-2023-014

Date: 
2023-May-03
Security risk: 
Moderately critical 13 ∕ 25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:All

S3 File System (s3fs) provides an additional file system to your Drupal site, which stores files in Amazon's Simple Storage Service (S3) or any other S3-compatible storage service.

This module may fail to validate that a file being requested to be moved to storage was uploaded during the same web request, possibly allowing an attacker to move files that should normally be inaccessible to them.

This vulnerability is mitigated by the fact that another vulnerability must already exist outside of s3fs.

Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005

Date: 
2023-April-19
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
CVE IDs: 
CVE-2023-31250

The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to.

Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing private files after updating.

Protected Pages - Critical - Access bypass - SA-CONTRIB-2023-013

Date: 
2023-April-12
Security risk: 
Critical 16 ∕ 25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All

This module enables you to secure any page with a password.

The module does not sufficiently restrict access to the page content.

Xray Audit - Moderately critical - Cross site scripting - SA-CONTRIB-2023-012

Date: 
2023-March-29
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All

This module is a tool for developers, analysts, and administrators that allows them to generate reports on a given Drupal installation.

The module does not sufficiently sanitize some data presented in its reports.

This vulnerability is mitigated by the fact that an attacker must have a role with permissions to administer an impacted content type.

Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011

Date: 
2023-March-15
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010

Date: 
2023-March-15
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image.

This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to.

This release was coordinated with SA-CORE-2023-002.

Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004

Date: 
2023-March-15
Security risk: 
Moderately critical 14 ∕ 25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon

Drupal core provides a page that outputs the markup from phpinfo() to assist with diagnosing PHP configuration.

If an attacker was able to achieve an XSS exploit against a privileged user, they may be able to use the phpinfo page to access sensitive information that could be used to escalate the attack.

This vulnerability is mitigated by the fact that a successful XSS exploit is required in order to exploit it.

Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-003

Date: 
2023-March-15
Security risk: 
Moderately critical 13 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon

The language module provides a Language switcher block which can be placed to provide links to quickly switch between different languages.

The URL of unpublished translations may be disclosed. When used in conjunction with a module like Pathauto, this may reveal the title of unpublished content.

This advisory is not covered by Drupal Steward.

Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002

Date: 
2023-March-15
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default

The Media module does not properly check entity access in some circumstances. This may result in users seeing thumbnails of media items they do not have access to, including for private files.

This release was coordinated with SA-CONTRIB-2023-010.

This advisory is not covered by Drupal Steward.

Gutenberg - Less critical - Denial of Service - SA-CONTRIB-2023-009

Date: 
2023-March-08
Security risk: 
Less critical 8 ∕ 25 AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All

This module provides a new UI experience for node editing - Gutenberg editor.

This vulnerability can cause DoS by using reusable blocks improperly.

This vulnerability is mitigated by the fact an attacker must have "use gutenberg" permission to exploit it.

Pages

Subscribe with RSS Subscribe to Security advisories