JSON:API - Moderately critical - Multiple Vulnerabilities - SA-CONTRIB-2018-015

Date: 2018-February-21

This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities.

The module doesn't sufficiently associate cacheability metadata in certain situations, thereby causing an access bypass vulnerability.

This vulnerability is mitigated by the fact that an attacker cannot trigger an exploitable situation themselves.

CKEditor Upload Image - Critical - Access bypass - SA-CONTRIB-2018-014

Date: 2018-February-21

This module enables you to drag and drop or paste images into CKEditor.

The module does not sufficiently verify users' permissions, which leads to anonymous users being able to upload files to the server.

Drupal core - Critical - Multiple Vulnerabilities - SA-CORE-2018-001

Date: 2018-February-21

This security advisory fixes multiple vulnerabilities in both Drupal 7 and Drupal 8. See below for a list.

Comment reply form allows access to restricted content - Critical - Drupal 8 - CVE-2017-6926

Users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content.

This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments.

Entity API - Moderately critical - Information Disclosure - SA-CONTRIB-2018-013

Date: 2018-February-14

The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties.

The module prints debugging information to the HTML output in certain error conditions, thereby causing an information disclosure vulnerability.

This vulnerability is mitigated by the fact that an attacker needs to be able to trigger the error condition in a way that protected data is exposed.

Entity Backup - Critical - Module Unsupported - SA-CONTRIB-2018-012

Date: 2018-February-14

The main purpose of the Entity Backup module is to keep a backup of deleted Drupal core entities and perform recovery of them.

The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466

Dynamic Banner - Less critical - Cross site scripting - SA-CONTRIB-2018-011

Date: 2018-February-14

This module enables a site to display different banners (via blocks) on different pages depending upon specific criteria.

The module doesn't sufficiently filter output of banner data.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer dynamic_banner".

Custom Permissions - Moderately critical - Access bypass - SA-CONTRIB-2018-010

Date: 2018-February-14

This module enables the user to set custom permissions per path.

The module doesn't perform sufficient checks on paths with dynamic arguments (like "node/1" or "user/2"), thereby allowing the site administrator to save custom permissions for paths that won't be protected. This could lead to an access bypass vulnerability if the site is relying on the Custom Permissions module to protect those paths.

This vulnerability is mitigated by the fact that it only occurs on sites which attempted to use the Custom Permissions module to protect dynamic paths.

VChess - Critical - Module Unsupported - SA-CONTRIB-2018-009

Date: 2018-February-14

The Drupal VChess module allows users to play a chess game.

The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466

Entity Reference Tab / Accordion Formatter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-008

Date: 2018-February-07

This module enables you to show referenced entities in tabs.

The module doesn't sufficiently sanitize the body fields of the referenced entities when it prints them to the tabs.

This vulnerability is mitigated by the fact that an attacker must have a role with permission to create or edit content of the referenced content type.

FileField Sources - Moderately critical - Access Bypass - SA-CONTRIB-2018-007

Date: 2018-February-07

This module enables you to upload files to fields via several sources.

The module doesn't sufficiently enforce access control on the autocomplete path used by reference sources.
