Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Drupal Commerce - Less Critical - Information disclosure - SA-CONTRIB-2016-019

By Drupal Security Team on 6 Apr 2016 at 16:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-019
Project: Drupal Commerce (third-party module)
Version: 7.x
Date: 2016-April-06
Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Information Disclosure

HybridAuth - Less critical - Multiple vulnerabilities - SA-CONTRIB-2016-018

By Drupal Security Team on 6 Apr 2016 at 15:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-018
Project: HybridAuth Social Login (third-party module)
Version: 7.x
Date: 2016-April-06
Security risk: 9/25 ( Less Critical) AC:Complex/A:User/CI:Some/II:None/E:Theoretical/TD:Default
Vulnerability: Information Disclosure, Open Redirect

Login one time - Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-017

By Drupal Security Team on 23 Mar 2016 at 14:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-017
Project: Login one time (third-party module)
Version: 6.x, 7.x
Date: 2016-March-23
Security risk: 15/25 ( Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Fast Autocomplete - Critical - DOS vulnerability - SA-CONTRIB-2016-016

By Drupal Security Team on 16 Mar 2016 at 15:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-016
Project: Fast Autocomplete (third-party module)
Version: 7.x
Date: 2016-March-16
Security risk: 12/25 ( Moderately Critical) AC:None/A:None/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Denial of Service

Scald File - Critical - Remote Code Execution - SA-CONTRIB-2016-015

By Drupal Security Team on 9 Mar 2016 at 20:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-015
Project: Scald File Provider (third-party module)
Version: 7.x
Date: 2016-March-09
Security risk: 18/25 ( Critical) AC:Basic/A:User/CI:All/II:All/E:Theoretical/TD:All
Vulnerability: Arbitrary PHP code execution

Fieldable Panels Panes - Moderately Critical - Access Bypass - SA-CONTRIB-2016-014

By Drupal Security Team on 2 Mar 2016 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-014
Project: Fieldable Panels Panes (FPP) (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 10/25 ( Moderately Critical) AC:Complex/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass

Pages

Subscribe with RSS