Show advisories for only Drupal Core, only contributed projects, or only PSAs

View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026

Date: 
2024-July-31
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
CVE IDs: 
CVE-2024-13262

The View Password module enables you to add a help icon button next to the password input field to toggle the password visibility. The administrative user is allowed to add classes to this icon for styling purposes.

The module doesn't validate the content of classes. A malicious user with access to the View Password Settings Form could add malicious code in the classes field.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer view password".

Third-Party Libraries and Supply Chains - PSA-2024-06-26

Date: 
2024-June-26

Following on from previous PSAs on third-party code in the Drupal ecosystem:

It is the policy of the Drupal Security Team that site owners are responsible for monitoring and maintaining the security of third-party libraries.

Acquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-025

Date: 
2024-June-05
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:All
CVE IDs: 
CVE-2024-13261

Acquia DAM provides a connection to a third-party asset management system, allowing for images to be managed, linked to, and viewed from Drupal. In order for assets to be managed in Drupal, a site administrator must first authenticate the site to their DAM instance.

Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

Date: 
2024-May-29
Security risk: 
Moderately critical 10 ∕ 25 AC:Basic/A:Admin/CI:None/II:Some/E:Theoretical/TD:All
CVE IDs: 
CVE-2024-13260

The Migrate queue importer module enables you to create cron migrations(configuration entities) with a reference towards migration entities in order to import them during cron runs.

The module doesn't sufficiently protect against Cross Site Request Forgery
under specific scenarios allowing an attacker to enable/disable a cron migration.

This vulnerability is mitigated by the fact that an attacker must know the
id of the migration.

Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

Date: 
2024-May-29
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default
CVE IDs: 
CVE-2024-13259

This module enables you to create responsive image styles that depend on the parent element's width.

The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific scenarios.

Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Date: 
2024-May-29
Security risk: 
Moderately critical 11 ∕ 25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:All
CVE IDs: 
CVE-2024-13258

Drupal REST & JSON API Authentication module restricts and secures unauthorized access to your Drupal site APIs using different authentication methods including Basic Authentication , API Key Authentication , JWT Authentication , OAuth Authentication , External / Third-Party Provider Authentication, etc.

The module doesn't sufficiently control user access when using Basic Authentication.

Commerce View Receipt - Moderately critical - Access bypass - SA-CONTRIB-2024-021

Date: 
2024-May-22
Security risk: 
Moderately critical 13 ∕ 25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:All
CVE IDs: 
CVE-2024-13257

The Commerce View Receipts module enables you to view commerce order receipts in the browser.

The module doesn't sufficiently check access permissions, allowing an unauthorised user to view the private information of other customers.

Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020

Date: 
2024-May-22
Security risk: 
Moderately critical 12 ∕ 25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Default
CVE IDs: 
CVE-2024-13256

The Email Contact module provides email field display formatters that can display the field as a link to the contact form, or as an inline contact form.

The module does not sufficiently handle restricted entity or field access to the mail sending form, when the "Email contact link" formatter is used.

This vulnerability is mitigated by the fact that it requires the "Email contact link" formatter to be used.

RESTful Web Services - Critical - Access bypass - SA-CONTRIB-2024-019

Date: 
2024-May-15
Security risk: 
Critical 16 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Proof/TD:All
CVE IDs: 
CVE-2024-13255

This module exposes Drupal resources (e.g. entities) as RESTful web services.

The module doesn't sufficiently restrict access for user resources.

REST Views - Moderately critical - Information Disclosure - SA-CONTRIB-2024-018

Date: 
2024-April-24
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default
CVE IDs: 
CVE-2024-13254

The Rest views module lets site admins create rest exports in views with additional options for serializing data.

This module does not accurately check access and may expose paths to unpublished content.

This vulnerability is mitigated by the fact that there must be a specific content structure to expose.

Paths to unpublished entities (such as nodes) will be exposed if those entities are referenced from other entities listed in a REST display, and the reference field on those listed entities is displayed with the "Entity path" formatter.

Pages

Subscribe with RSS Subscribe to Security advisories