Drupal core – Moderately critical – Access bypass – SA-CORE-2023-005
Project: Drupal coreDate: 2023-April-19Security risk: Moderately critical 13∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassDescription: The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to.
Some sites may require configuration...
Drupal core – Moderately critical – Access bypass – SA-CORE-2023-004
Project: Drupal coreDate: 2023-March-15Security risk: Moderately critical 14∕25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:UncommonVulnerability: Access bypassAffected versions: <7.95 || >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0 <10.0.5Description: Drupal core provides a page that outputs the markup from phpinfo() to assist with diagnosing PHP configuration.
If an attacker was able to achieve...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2023-003
Project: Drupal coreDate: 2023-March-15Security risk: Moderately critical 13∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Information DisclosureAffected versions: >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0 <10.0.5Description: The language module provides a Language switcher block which can be placed to provide links to quickly switch between different languages.
The URL of unpublished translations...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2023-002
Project: Drupal coreDate: 2023-March-15Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information DisclosureAffected versions: >=8.0.0 <9.4.12 || >=9.5.0 <9.5.5 || >=10.0.0 <10.0.5Description: The Media module does not properly check entity access in some circumstances. This may result in users seeing thumbnails of media items they do not...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2023-001
Project: Drupal coreDate: 2023-January-18Security risk: Moderately critical 12∕25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information DisclosureAffected versions: >=8.0.0 <9.4.10 || >=9.5.0 <9.5.2 || >=10.0.0 <10.0.2Description: The Media Library module does not properly check entity access in some circumstances. This may result in users with access to edit content seeing metadata...
Drupal core – Critical – Multiple vulnerabilities – SA-CORE-2022-016
Project: Drupal coreDate: 2022-September-28Security risk: Critical 18∕25 AC:Basic/A:Admin/CI:All/II:All/E:Proof/TD:AllVulnerability: Multiple vulnerabilitiesAffected versions: >= 8.0.0 <9.3.22 || >= 9.4.0 <9.4.7CVE IDs: CVE-2022-39261Description: Drupal uses the Twig third-party library for content templating and sanitization. Twig has released a security update that affects Drupal. Twig has rated the vulnerability as...
Drupal core – Moderately critical – Multiple vulnerabilities – SA-CORE-2022-015
Project: Drupal coreDate: 2022-July-20Security risk: Moderately critical 11∕25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Multiple vulnerabilitiesDescription: The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. Under certain circumstances, this could lead to...
Drupal core – Critical – Arbitrary PHP code execution – SA-CORE-2022-014
Project: Drupal coreDate: 2022-July-20Security risk: Critical 15∕25 AC:Basic/A:Admin/CI:All/II:All/E:Theoretical/TD:UncommonVulnerability: Arbitrary PHP code executionDescription: Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010).
However, the protections for these...
Drupal core – Moderately critical – Access Bypass – SA-CORE-2022-013
Project: Drupal coreDate: 2022-July-20Security risk: Moderately critical 12∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Access BypassDescription: Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to.
No forms provided...
Drupal core – Moderately critical – Information Disclosure – SA-CORE-2022-012
Project: Drupal coreDate: 2022-July-20Security risk: Moderately critical 13∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Information DisclosureDescription: In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system.
Access to a...
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-011
Project: Drupal coreDate: 2022-June-10Security risk: Moderately critical 13∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Third-party librariesCVE IDs: CVE-2022-31042CVE-2022-31043Description: Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released two security advisories:
Failure to strip the Cookie header on change in host or HTTP...